Presentation is loading. Please wait.

Presentation is loading. Please wait.

EITAC Cybersecurity program and IT Security updates

Published byJason Kerry Walker Modified over 6 years ago

Similar presentations

Presentation on theme: "EITAC Cybersecurity program and IT Security updates"— Presentation transcript:

1 EITAC Cybersecurity program and IT Security updates
November Denise Ernst, ISO

2 Background Queen’s has begun a two stage approach to reduce the risk of a cyberattack. Stage 1- Reduce the likelihood of IT Hijack (over months) Enhance our technical capabilities to prevent and detect IT hijack; Improve peoples’ ability to identify and resist hijack attempts; Begin to foster a security-aware culture Stage 2: Reduce the overall risk of a cyberattack (2-3 year program) transition Queen’s cybersecurity practices from reactive to preventative Details on initiatives will be provided in May 2017.

3 Program Management Updates
Engaged Sr. Security Specialist consultant Drafted governance and reporting structure. Under review. Released RFP for professional services assistance. RFP closed November 8. Identified project outcomes - network security, Executing Communication Plan: Social media campaign, meetings held with 7 stakeholder groups and large portfolio units, article in ITS Newsletter and upcoming article in Gazette, website notices, completed Cyber Security Awareness month campaign Status: GREEN (schedule, budget, outcomes). Celebrate successes: a. Ten companies intending to respond to request for assistance with program. b. Microsoft significantly reduced the cost of their threat protection tool. c. Awareness of, and attention to, cybersecurity improving. Key challenge: d. Re-focus of IT resources on cybersecurity

4 Project Groups 1 and 2 Update
Description Project Updates 1. Network Security 1.1 Network Access Control Phase-in network controls to prevent unprotected/unmanaged devices from accessing the Queen’s network. Designed device risk heatmap used to identify maximum risk reward. Proof of concept underway. 1.2 Network Security Architecture Begin to modernize the existing network design and configuration to provide additional layers of security. Drafted initial recommendations. Implementation will commence upon appointment of professional services. 2. Security 2.1 Advanced Threat Protection Enhance security of Queen’s service to minimize the propagation of malicious messages.

5 To commence upon appointment of professional services.
Project Group 3 - Update Group Project Description Project Updates 3. Endpoint Security 3.1 Security Monitoring Program Design and implement a program for the continuous monitoring of the IT environment to detect and prevent attacks against devices such as laptops, servers, mobile phones. To commence upon appointment of professional services. 3.2 Vulnerability Management Program Design and implement a program for the continuous management of technical vulnerabilities across campus. Initial recommendations drafted and under ITS review.

6 To commence upon appointment of professional services.
Project Group 4 Update Group Project Description Project Updates 4. Security Awareness 4.1 Social Engineering Exercise Design and implement an exercise aimed to verify users’ ability to identify phishing s and inform on best practices. To commence upon appointment of professional services. 4.2 Security Course Renew security awareness course. 4.3 Ransom Policy Develop and implement a policy for ransom demands. 4.4 Security Awareness Policy Develop and implement a policy for mandatory security awareness training.

7 Cybersecurity program – Email Security
All Queen’s mail will be scanned and filtered through O365 Mail will flow through enterprise security measures prior to forwarding onto local mail service or local mailbox Mail reputational services will be enhanced to limit others from spoofing Queen’s mail Changes to mail flow will occur first, no user impact anticipated New enterprise security measures (e.g. configuration changes, new filters) will be phased in during An implementation plan is forthcoming. It will be important to inform ITS of any local mail service to avoid an impact to users Testing will begin in December

8 Email Security : Local mail service
The goal is to have all Queen’s user communities benefit from additional enterprise security measures, designed to reduce the number of malicious messages a user receives. Do any of your applications use a mail service other than mail.queensu.ca? a. What business purpose? b. How many users? c. What is the daily/cyclical volume? d. Does it require mass mailing? e. Mail service name? f. Can it be decommissioned? Please provide this information to Terry Black by the end of November. Responses due by end of November If app is using enterprise don’t need to know

9 read, share, and promote e-waste procedures
IT Security: E-Waste New procedures for e-waste coming soon Contact the Sustainability Office to arrange pickup and destruction of e-waste E-waste awaiting pickup: store in secure area, inaccessible to the public. Never leave e-waste unattended, in an unsecured area. read, share, and promote e-waste procedures Background The campus computer store provided a hard drive cleaning (degaussing) and disposal service. The service ceased upon store closure. Hard drives no longer need to be removed from computers prior to disposal E-waste will be shredded, off-site

10 IT Security: Printer Security
Configuration changes required on printers to protect from cyber exploits. A number of printers were exploited this year resulting in printouts of offensive propaganda material across campus. Changes to printer security– Additional printer security configurations recommended Printers will move to secure IP address  read, share, and promote printer security procedures

11 What you should know – Printer security
Printers identified as being publicly accessible have been identified and the ITSC is in the process of identifying and contacting the owners of these devices. Our current process is to filter the leased Canon’s and Xerox printers to limit access to be only from within Queen’s All other printers will move to a private network, inaccessible from the internet. All other printers: Inform the IT Support Center (ITSC) if a printer requires internet access. For more information, please contact the ITSC.

12 Other updates Password policy enforcement Linux vulnerability
Significant number of end of life or end of support technologies discoverable on network Mirai botnet (IoT)

Download ppt "EITAC Cybersecurity program and IT Security updates"

Similar presentations

Pennsylvania BANNER Users Group 2007 Disaster Recover For The Financial Aid Environment.

Pennsylvania BANNER Users Group 2007 Disaster Recover For The Financial Aid Environment.
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
IT is our job! Mind your own business.. 1.Consulting 2.Support 3.Maintenance Network Assessment We provide you with an overview of your current network,

IT is our job! Mind your own business.. 1.Consulting 2.Support 3.Maintenance Network Assessment We provide you with an overview of your current network,
Network and Systems Security Security Awareness, Risk Management, Policies and Network Architecture.

Network and Systems Security Security Awareness, Risk Management, Policies and Network Architecture.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
1.1 System Performance Security Module 1 Version 5.

1.1 System Performance Security Module 1 Version 5.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
V 1.0 May 16,2011 Audience: Staff Outlook Agent For the latest version of this document please go to:

V 1.0 May 16,2011 Audience: Staff Outlook Agent For the latest version of this document please go to:
Lesson 9-Information Security Best Practices. Overview Understanding administrative security. Security project plans. Understanding technical security.

Lesson 9-Information Security Best Practices. Overview Understanding administrative security. Security project plans. Understanding technical security.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.

Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
AGENDA NCSIP Mandate IT Security Threats Specific Action Items Additional Initiatives.

AGENDA NCSIP Mandate IT Security Threats Specific Action Items Additional Initiatives.
Computer Security By Duncan Hall.

Computer Security By Duncan Hall.
BYOD: An IT Security Perspective. What is BYOD? Bring your own device - refers to the policy of permitting employees to bring personally owned mobile.

BYOD: An IT Security Perspective. What is BYOD? Bring your own device - refers to the policy of permitting employees to bring personally owned mobile.
Information Management and the Departing Employee.

Information Management and the Departing Employee.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID # 0435738.

SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #

Similar presentations

Ads by Google