image

Assessing Current Cyber-Security Methods and Practices in Canadian Public Sector, Crown Corporations and Major Private Sector Stakeholders

Assessing Current Cyber-Security Methods

and Practices in Canadian Public Sector,

Crown Corporations and

Major Private Sector Stakeholders

Author/ Researcher

Valarie Findlay, President, HumanLed Consulting

January - July 2015

Contacts for this study:

Valarie Findlay

(613) 798-3746

Vaf2@st-andrews.ac.uk / vfindlay@humanled.com Kevin Wennekes

(613) 769-8614

kwennekes@cata.ca

Appendix A: Ethics Form - Handling of Data and information
Appendix B: Study Guiding Questionnaire
Study Objectives

The detailed study, Communicating the Threat, has a three-fold focus:

Cyber-Security in the Counter-Terror Model - Counter-terror models focus on physical threat-activities and encourage cross-departmental collaboration, communication and shared, exchangeable skills and capabilities including the transfer of information and intelligence from the federal to the community level. The discipline of cyber-security will be analyzed and evaluated in the same framework utilized in counter-terror models, conceptualized in legislation and at the operational and practical levels to deter, actively prevent, detect, respond and recover from cyber-threats and potential cyber-terrorist attacks.

Cyber-Security Collaboration and Knowledge Sharing Cross-Sector - This area will assess current practices in information gathering and sharing, and its utilization, on cyber-security threats in the Canadian public sector, Crown corporations and major private sector stakeholders.

Assessing Current Threat/Risk Assessment (TRA) Approaches and Tools - Examining new Threat/Risk Assessment options and approaches that will provide a dynamic, detailed analysis of threats, risks, vulnerabilities and assets and continuous improvement/shorter iteration cycles to ensure the most relevant and timely data

Recommendations

Approach and Methodology

Through one-on-one interviews with key executives and stakeholders  in the Canadian public sector, crown corporation or private sectors where national assets would be impacted, the study will seek input (in the context of the above focus areas) by examining:

  1. the current overall practices in information sharing and gathering;
  2. types and scope of information exchanged ; and,
  1. limitations or gaps in the above and suggested improvements.

Study Background

This study is supported by findings from a previous study, “Cyber-Threats, Terrorism and the Counter-Terror Model", (V Findlay, May 2014).

It was concluded, that as cyber-threats are asymmetrical and they continue to evolve, often outpacing legislation and counter measures, and the growth and sophistication cyber attack tools and techniques have accelerated dangerously in the recent past and that communication and collaboration is a key activity in developing competencies and assurances when preventing and detecting cyber-threats.

Study Control Criteria

The following criteria will be met to achieve validity in results:

  1. Participants must be of three groups and may include input from academia: Canadian public sector, Crown corporation or private sector where national assets would be impacted and three levels will be represented: executive or C level, senior management (hiring and supervisory) and operational staff and resources,
  1. The context is in the four pillars of security management: prevention, detection, response and recovery from cyber-threats towards information or network technologies (including devices, code, configurations, etc.) of the above,
  1. Assessed practices will relate to information sharing and gathering, and
  1. A questionnaire-guided interview (either in person or telephone) will constrain collected information and ensure consistency.
  1. Peer reviews and input may be solicited from any of the identified participant groups.

Study Approach and Results

Information will be collected in questionnaire-guided in-person or telephone interviews and will explore three key areas:

  1. Describing the current methods for determining risk and threat.
  2. Describing the current legislation in relation to the counter-terrror model and whether it adequately meets the needs in supporting the management of cyber-threat.
  3. Describing the current overall practices in information sharing and gathering for the subject department or organization.
  4. Detailed examination of types of information exchange, scope of information, types of cyber-threats, timeliness, processes for clarification and escalation
  5. Limitations or gaps in the above and end user suggested improvements

Ethical Considerations

The interview data being used is unclassified and terms of issues raised with regard to this research relate strictly to:
1) the verification of interview participant credentials,
2) agreement to the handling of credit of the data and comments by interview participants,
3) the collection, storage, access and destruction of all formal and informal collected data, comments and notes and,
4) confidentiality of names, organizations and departments of participants

Cyber-Security in the Counter-Terror Model

Cyber-Security in the Counter-Terror Model - Counter-terror models focus on physical threat-activities and encourage cross-departmental collaboration, communication and shared, exchangeable skills and capabilities including the transfer of information and intelligence from the federal to the community level. The discipline of cyber-security will be analyzed and evaluated in the same framework utilized in counter-terror models, conceptualized in legislation and at the operational and practical levels to deter, actively prevent, detect, respond and recover from cyber-threats and potential cyber-terrorist attacks.

Recommendations

Cyber-Security Collaboration and Knowledge Sharing Cross-Sector

Cyber-Security Collaboration and Knowledge Sharing Cross-Sector - This area will assess current practices in information gathering and sharing, and its utilization, on cyber-security threats in the Canadian public sector, Crown corporations and major private sector stakeholders.

Recommendations

 

Assessing Current Threat/Risk Assessment (TRA) Approaches and Tools - Examining new Threat/Risk Assessment options and approaches that will provide a dynamic, detailed analysis of threats, risks, vulnerabilities and assets and continuous improvement/shorter iteration cycles to ensure the most relevant and timely data.

Recommendations

written by Valarie Findlay

vfindlay@humanled.com