Cyber Security Programme


Presentation on theme: "Cyber Security Programme"— Presentation transcript:

1 Cyber Security Programme
Stepping up to the challenge

2 Threat Overview
'Wetware' has been the primary attack vector
Globally | Universities (60+)
  SQLi Attack from 'Rasputin'
United Kingdom | UoC
  Bank Fraud
  Hate Crime
  Various attacks via Social Media attacks / Reputational Damage

3 User Needs – Cyber Security
AS a Cambridge academic
I NEED a secure IT environment at minimal (zero) inconvenience
SO THAT I can get on with my work without interruption or distraction
Minimal inconvenience means, trouble free connectivity to things I need to access and software I need to use, no degradation in performance from security software, […]
Interruptions might be recovering my computer from hostage hacking, attending hearings on data breaches, loss of computer for days while it is inspected and restored, permanent loss of data, [...]

4 Wetware
Social Engineering attacks have been the main attack vector, focusing on four forms of exploitation:
  Raven credentials in order to gain Journal Access
  Bank Fraud
  Crypto Locker Injections*
  Hate Mail Campaigns
*These are under-reported

5 Response
To provide a robust response to threats, Threat Intelligence reports will be generated Monthly, and on an ad hoc basis
  Global
  National
  Universities
  UoC
  Departmental Level (Cyber Security Exposure/Risk Reports)

6 Programme Update
Cassie Bradley

7 Cyber Technical Review Recommendations
Martin will want this putting up half way through his discussion.

8 Programme design
How
  Policy and toolkits
  Security Operations Centre: Incident response (CamCERT), Security Engineering
  Security Assured Services: Institutional maturity model
  Engagement: Institutional, Information Asset owner
Stakeholders (Who)
  Heads of institution
  Computer officers
  Everyone in UIS
  UIS Service owners & managers
  Users
  Information asset owners
  Audit Committee
Outcomes (What)
  Engagement – challenging self learning culture
  Enabled by UIS: Resources, Policies, Services, Tools, Processes
  Continuous improvement
  Governance – Board level issue, audit and assurance
Chris

9 The new and accelerated Cyber Security Programme
New SRO, Programme director and programme manager
Dedicated workstreams and team leads
  Policy, Security Operations, Frameworks, Identity & Access management, plus two engagement strands
New Steering Committee to help with cultural change across the University
Help needed across the Collegiate University

10 Other workstreams
Workstream | Deliverable
Policy | Publication of approved policies for cybersecurity, Updated online training, High level toolkits for individuals and institutions, IPS Policy – 30 Jun
Security Assured Services | Approved Identity and Access Management Strategy – 30 Jun
Institutional Engagement | All institutions aware of incident reporting and online training and highest risk institutions have agreed a remedial plan or issues escalated – 30 Jun
Information Asset Management Engagement | Schedule completed for engagement with key service owners and IAOs and asset register project in progress – 30 Jun

11 Security Operations Centre workstreams including security engineering and incident response
Jon Holgate

12 Security Engineering – Ashley Culver
Managed Firewall Service
  Existing pilot deployments to CCI & Faculty of Law
  Managed firewall service launched – w/c 6th March
  Prioritise Firewall deployment to specific sites
  Institutions consulted and deployed where possible – 30th June
Intrusion Prevention System
  IPS Policy created – 31st March
  Institutional Consultation – One month after IPS Policy agreed
  IPS Implemented (BAU) – Two months after Institutional Consultation complete (Summer 2017)

13 Incident Management – Kieren Lovell
Full handover of responsibilities from existing CERT Team – 31st March
HEAT Incident Response Implemented for team – 31st March
Monthly threat assessment reports to be generated – commencing 31st March
IDS monitoring and incident management as usual – Ongoing

14 UIS Server Infrastructure – Infrastructure & Network Systems
Fortigate 3000D Server Firewall
  Ex-UCS server network routed to behind UIS Server Firewall – 30th April
  Long term plans for firewall zoning and redesign of the server network
DDoS (Distributed Denial of Service) Protection
  DDoS (Cloudflare) protection for main site – 31st March
  Prevention mode implemented for on premise anti-DDoS device, for the former MISD server environment – 30th April
  Prevention mode implemented for on premise anti-DDoS for former UCS server environment – 31st July

15 Security Assured Services workstream Institutional Maturity Model
Bob Dowling

16 Maturity Model
No. | Level | Description
1 | Basic | disjointed operations with unpredictable outcomes
2 | Controlled | coordinated, manageable, mostly predictable
3 | Standardized | and is complied with
4 | Optimized | regular review checking needs being met
5 | Innovative | new technologies continually reviewed for use

17 Levels and Indicators
A maturity model is applied to individual indicators.
We will be releasing sample/template standards with indicators.
Indicators require objective measurement.
An institution is as good as its lowest score.
Focus on raising the lowest values.
Realistic goal: One level per year.

18 Example Indicator
“Malware protection software is installed on all computers.”
No. | Example
1 | Device owners are left to install their own anti-malware software.
2 | A selected anti-malware software is distributed by the institution to all members.
3 | The institution uses a managed anti-malware service and the security standard requires its use. There are approved escalation procedures for devices that break the standard.
4 | The numbers of devices that triggered a malware alert in the reporting tool or which needed chasing to install the client are tracked and form part of the governing body report.
5 | The selection of anti-malware software is reviewed periodically, using the accrued reports and benchmarking against alternatives.

19 “Basic” or “controlled” maturity

20 “Standardized” maturity

21 “Optimized” maturity

22 “Innovative” maturity

23 This will take time
A maturity model is applied to individual indicators.
We will be releasing sample/template standards with indicators.
Indicators require objective measurement.
An institution is as good as its lowest score.
Focus on raising the lowest values.
Realistic goal: One level per year.

24 Questions?

