Police Prepare for Cyber Attacks

Uploaded on 2018-02-23 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

The Halifax Regional Police department is on the hunt for a new chief information security officer to develop and then manage its IT security.

 Until the newly-created CISO position is filled, HRP’s systems are presumably more vulnerable to outside cyber-attacks. Just how vulnerable, though, the department isn’t saying.

“The field of IT security and delivery is evolving fast, and police departments’ security needs are unique and complex,” says HRP spokesperson Neera Ritcey. “In recognition of that, we are constantly assessing the effectiveness of our systems, and where necessary, we take action and are continuously improving our systems.”

The police department’s current business plan calls for the development of a cyber threat protocol and policy to help HRP combat external attacks. 

As part of that work, consultant group KPMG was hired to complete a “Cyber Threat Assessment” on HRP’s security of systems, data and policies.

A completed version of that assessment was submitted last year, but in a December update to the Board of Commissioners, chief Jean-Michel Blais writes there are “disagreements regarding security application. 

A Freedom of Information request recently for a copy of KPMG’s cyber threat assessment. The request was refused.

Police inspector and HRP FOIPOP coordinator Donald Mosher claims the release of even a redacted version of the report or any of the emails about its contents “could reasonably be expected to harm the security”. Ritcey explains away those “disagreements” alluded to by Blais as part of the normal “back-and-forth” that happens with any project.

Nevertheless, until an agreement on the way forward is reached and until an experienced CISO is hired, HRP is apparently unable to implement the findings.

Funding for the new CISO position was approved in last year’s police budget as part of an overall IT strategy. The future hire will develop a strategic view of security and operations, says Ritcey, and will act as HRP's liaison for all IT-related matters with HRM and partner agencies.

Candidates for the chief information security officer position will need a minimum 10 years in IT management. 

“The roles and approach to policing have seen unprecedented change,” reads a job ad. “Halifax Regional Police face increasing public expectations and scrutiny around their adoption of digital technology in their approaches to identifying, responding to and preventing crime in Halifax.”

The Halifax Regional Municipality is also looking for an outside assessment of its own IT security. A request for tenders released earlier this month asks for firms who can test out city hall's hardware and software vulnerabilities against attacks such as phishing and ransomware.

The  Coast

You Might Also Read:

Canada’s Electronic Spies Unleashed:

Canada Prioritizes Cyber-Attack:

Cybercrime in Canada:
 

 

« Delve Into GDPR - Questions & Answers
Cybersecurity Is A Job for CEOs, Not Just The IT Team »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Allgress

Allgress

Allgress solutions converge disparate risk silos across enterprise networks and automate governance, risk and compliance management processes.

Hillstone Networks

Hillstone Networks

Hillstone Networks offers a broad range of security solutions for enterprises and data center networks – whether physical, virtual, or in the cloud.

Certego

Certego

Certego is a company of the VEM Sistemi Group specialised in providing managed computer security services and to combat Cyber Crime.

Niagara Networks

Niagara Networks

Niagara Networks is a Network Visibility industry leader, with emphasis in 1/10/40/100 Gigabit systems and mission-critical IT and security appliances.

Parsons

Parsons

Parsons has developed a converged security offering that combines cybersecurity, integrated network solutions, and critical infrastructure protection.

TI Safe

TI Safe

TI Safe provide cybersecurity solutions for industrial networks of main critical infrastructures in Latin America.

Redbelt Security

Redbelt Security

Redbelt is a cyber security consultancy. We integrate people, systems, services and products to transform how your information security is delivered.

Italtel

Italtel

Italtel is a multinational ICT company that combines networks and communications services with the ability to innovate and develop solutions for digital transformation.

Startups.be

Startups.be

Startups.be helps tech entrepreneurs to be successful by providing quality access to service providers, business partners, customers and investors.

Ridge Security

Ridge Security

Ridge Security enables enterprise and web application teams, ISVs, governments, education, DevOps, anyone responsible for ensuring software security to affordably and efficiently test their systems.

IriusRisk

IriusRisk

IriusRisk is an open Threat Modeling platform that automates and supports creating threat models at design time.

eCapital

eCapital

eCAPITAL is a leading venture capital firm that provides early to growth stage funding to technology companies in fields including software & information technology, cybersecurity and industry 4.0.

Security Awareness Special Interest Group (SASIG)

Security Awareness Special Interest Group (SASIG)

The Security Awareness Special Interest Group (SASIG) addresses the human aspects of security and fraud prevention in an initiative to improve trust and confidence in the online environment.

SecureAck

SecureAck

From our A-Op SaaS automation platform to Managed Automation-as-a-Service (MAaaS), SecureAck offer powerful security automation the way that best suits your organisation's needs.

Chorus Cyber

Chorus Cyber

Chorus are a leading Managed Security Service Provider (MSSP), and member of the Microsoft Intelligent Security Association (MISA), with three Microsoft Advanced Specialisations in security.

GIS Consulting (GISPL)

GIS Consulting (GISPL)

From General Data Protection Regulations to advanced Network Infrastructure Audits, GIS Consulting has established a reputation as one the leading cyber security companies in the industry.