Date posted: 03-Jan-2016
Security Alberta
Tim McCreight, CISO – Government of Alberta
Moderator: Illena Armstrong, editor-in-chief, SC Magazine
WARNING
This Speaker may contain coarse language, personal opinions and occasional scenes of
nudity and is rated for adult audiences.
Viewer discretion is advised.
Outline
• Quick Intro
• The past…
• …meets the Auditors
• Issues & Threats
• Progress made
• Looking ahead
• Q&A
Quick Intro
• Almost 30 years in Information Systems, Physical and IT security
• Certifications in both Physical and IT Security…
• Audit experience, too!
• Interesting combination…
The Past – cont’d
• Each division responsible for security
• Each area spent based on their perception of risk…
• Some areas mature, others – not
• Not conducive to sharing…
Meets the Auditors
• OAG Report in 2008 identified major issues:
  – Identified flaws in the federated model for IT Security
  – Individual departments not following one central approach
  – No overall area responsible for security
Issues and Threats – cont’d
• Coordinating across multiple divisions
• Budget
• Resources
• Moving to web-centric services:
  – Citizen’s portal
  – Identity & Access Management
  – Reliance on Social Media
• Increased scrutiny from public, etc.
• Malware and blended threats
• Mix of new/old technologies
• Coordinating with multiple service providers…
Progress Made – cont’d
• Created Directives:
  – Based on ISO
  – Endorsed by Sr. Management
  – Identified “rules of the road” for IS Security
• Created central monitoring and surveillance program
• Developed forensic examination capabilities
• Sought industry-leading Managed Security Services
• Began reaching out to other security/risk groups
• Focused on enforcement
• Began cleanup of IDs, privileges and access control
• Linked with Corporate Architecture
Progress Made – cont’d
• Focused on education:
  – Online eLearning course
  – Online brochure
• Got a seat at the table for:
  – Social Media policy
  – Overarching Security Policy
Looking Ahead – cont’d
• Goal: protect the data/core:
  – Never win the endpoint security game
  – User behavior still an issue…
• How to achieve this state:
  – Virtualization
  – Enhanced Security Operations Centre (SOC)
  – BYOC
  – Intelligent traffic scanning
Embracing Virtualization
• Move toward this cautiously…
• Focus on removing the endpoint issues:
  – Locked-down session
  – Role-based control
  – Forced path to apps
  – Use technology to meet business requirements
Enhanced SOC
• Integrate SOC into all IT components:
  – MSS
  – Network
    • Boundary
    • Internal
  – Wireless
  – Virtual environment
    • Desktops
    • Servers
  – Physical systems
BYOC
• What if we didn’t care what you used to:
  – Access email
  – Connect to applications
  – Generally, work!
• Bring Your Own Computer!
• Secure, virtual containers
• App store…
• RBAC/fine-grained control
• No data left behind…
Intelligent Traffic Scanning
• A virtual world has challenges:
  – Tough to prove segregation
• Need to build Defense in Depth:
  – Escalating trust levels
  – Finite access control
  – More mgmt scanning/logging
  – Scanning active/dormant VMs
  – Monitor, authenticate and authorize…
Thank You!
Tim McCreight, CISSP CPP CISA
Chief Information Security Officer
Government of Alberta