Police Prepare for Cyber Attacks

Uploaded on 2018-02-23 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

The Halifax Regional Police department is on the hunt for a new chief information security officer to develop and then manage its IT security.

 Until the newly-created CISO position is filled, HRP’s systems are presumably more vulnerable to outside cyber-attacks. Just how vulnerable, though, the department isn’t saying.

“The field of IT security and delivery is evolving fast, and police departments’ security needs are unique and complex,” says HRP spokesperson Neera Ritcey. “In recognition of that, we are constantly assessing the effectiveness of our systems, and where necessary, we take action and are continuously improving our systems.”

The police department’s current business plan calls for the development of a cyber threat protocol and policy to help HRP combat external attacks. 

As part of that work, consultant group KPMG was hired to complete a “Cyber Threat Assessment” on HRP’s security of systems, data and policies.

A completed version of that assessment was submitted last year, but in a December update to the Board of Commissioners, chief Jean-Michel Blais writes there are “disagreements regarding security application. 

A Freedom of Information request recently for a copy of KPMG’s cyber threat assessment. The request was refused.

Police inspector and HRP FOIPOP coordinator Donald Mosher claims the release of even a redacted version of the report or any of the emails about its contents “could reasonably be expected to harm the security”. Ritcey explains away those “disagreements” alluded to by Blais as part of the normal “back-and-forth” that happens with any project.

Nevertheless, until an agreement on the way forward is reached and until an experienced CISO is hired, HRP is apparently unable to implement the findings.

Funding for the new CISO position was approved in last year’s police budget as part of an overall IT strategy. The future hire will develop a strategic view of security and operations, says Ritcey, and will act as HRP's liaison for all IT-related matters with HRM and partner agencies.

Candidates for the chief information security officer position will need a minimum 10 years in IT management. 

“The roles and approach to policing have seen unprecedented change,” reads a job ad. “Halifax Regional Police face increasing public expectations and scrutiny around their adoption of digital technology in their approaches to identifying, responding to and preventing crime in Halifax.”

The Halifax Regional Municipality is also looking for an outside assessment of its own IT security. A request for tenders released earlier this month asks for firms who can test out city hall's hardware and software vulnerabilities against attacks such as phishing and ransomware.

The  Coast

You Might Also Read:

Canada’s Electronic Spies Unleashed:

Canada Prioritizes Cyber-Attack:

Cybercrime in Canada:
 

 

« Delve Into GDPR - Questions & Answers
Cybersecurity Is A Job for CEOs, Not Just The IT Team »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

SecDev

SecDev

SecDev is a consulting firm working at the intersection of geopolitical, digital, urban, energy and cyber risk.

MobileIron

MobileIron

MobileIron provides EMM capabilities to IT organizations that need to secure mobile devices, applications and content.

Cyber Execs

Cyber Execs

Cyber Execs is a Cyber Security Consultancy & Executive Recruitment firm.

Regulus Cyber

Regulus Cyber

Regulus enables drones, robots and autonomous vehicles to operate safely, without malicious or accidental interference to the operation of their mission.

QuickLaunch

QuickLaunch

QuickLaunch transforms how cloud-savvy institutions and companies manage human and device authentication, authorization, access control and integration.

Socure

Socure

Socure’s identity verification increases auto approval rates, reduces false positives and captures more fraud. In real time.

Templar Shield

Templar Shield

Templar Shield is a premier information security, risk and compliance technology professional services firm serving North America.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ENSCO

ENSCO

The ENSCO group of companies provides engineering, science and advanced technology solutions that guarantee mission success, safety and security to governments and private industries worldwide.

StickmanCyber

StickmanCyber

At StickmanCyber we are on a mission to create a digital world that is safe for everyone - we are your trusted cybersecurity partner.

SandboxAQ

SandboxAQ

SandboxAQ is an enterprise SaaS company combining AI + Quantum tech to solve hard problems impacting society.

Buchanan Technologies

Buchanan Technologies

Buchanan Technologies is a leading IT consulting and outsourcing services firm. Our methodology transforms everyday technology investments into streamlined, secure and scalable solutions.

NexusTek

NexusTek

NexusTek is a managed IT services provider with a comprehensive portfolio comprised of end-user services, cloud, infrastructure, cyber security, and IT consulting.

CipherStash

CipherStash

CipherStash is a complete data governance and breach prevention platform.

Xcelerate Solutions

Xcelerate Solutions

Xcelerate Solutions is a leading defense and national security company, providing integrated solutions in three service areas – Enterprise Security, Digital Transformation, and Strategic Consulting.

Amplifier Security

Amplifier Security

Amplifier Security are on a mission to empower security teams to modernize their practice by connecting the dots between their security stack and their people.