Police Prepare for Cyber Attacks

Uploaded on 2018-02-23 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

The Halifax Regional Police department is on the hunt for a new chief information security officer to develop and then manage its IT security.

 Until the newly-created CISO position is filled, HRP’s systems are presumably more vulnerable to outside cyber-attacks. Just how vulnerable, though, the department isn’t saying.

“The field of IT security and delivery is evolving fast, and police departments’ security needs are unique and complex,” says HRP spokesperson Neera Ritcey. “In recognition of that, we are constantly assessing the effectiveness of our systems, and where necessary, we take action and are continuously improving our systems.”

The police department’s current business plan calls for the development of a cyber threat protocol and policy to help HRP combat external attacks. 

As part of that work, consultant group KPMG was hired to complete a “Cyber Threat Assessment” on HRP’s security of systems, data and policies.

A completed version of that assessment was submitted last year, but in a December update to the Board of Commissioners, chief Jean-Michel Blais writes there are “disagreements regarding security application. 

A Freedom of Information request recently for a copy of KPMG’s cyber threat assessment. The request was refused.

Police inspector and HRP FOIPOP coordinator Donald Mosher claims the release of even a redacted version of the report or any of the emails about its contents “could reasonably be expected to harm the security”. Ritcey explains away those “disagreements” alluded to by Blais as part of the normal “back-and-forth” that happens with any project.

Nevertheless, until an agreement on the way forward is reached and until an experienced CISO is hired, HRP is apparently unable to implement the findings.

Funding for the new CISO position was approved in last year’s police budget as part of an overall IT strategy. The future hire will develop a strategic view of security and operations, says Ritcey, and will act as HRP's liaison for all IT-related matters with HRM and partner agencies.

Candidates for the chief information security officer position will need a minimum 10 years in IT management. 

“The roles and approach to policing have seen unprecedented change,” reads a job ad. “Halifax Regional Police face increasing public expectations and scrutiny around their adoption of digital technology in their approaches to identifying, responding to and preventing crime in Halifax.”

The Halifax Regional Municipality is also looking for an outside assessment of its own IT security. A request for tenders released earlier this month asks for firms who can test out city hall's hardware and software vulnerabilities against attacks such as phishing and ransomware.

The  Coast

You Might Also Read:

Canada’s Electronic Spies Unleashed:

Canada Prioritizes Cyber-Attack:

Cybercrime in Canada:
 

 

« Delve Into GDPR - Questions & Answers
Cybersecurity Is A Job for CEOs, Not Just The IT Team »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Exodus Intelligence

Exodus Intelligence

Exodus Intelligence are an industry leading provider of exclusive zero-day vulnerability intelligence, exploits, defensive guidance, and vulnerability research trends.

Cyber Senate

Cyber Senate

Cyber Senate is dedicated to bringing Operators of Essential Services together with global subject matter experts to address the challenges of evolving cyber threats to critical infrastructure.

NESEC

NESEC

NESEC is a specialist in information security consulting services and solutions.

Nexusguard

Nexusguard

Nexusguard is at the forefront of the fight against malicious Internet attacks, protecting organizations worldwide from threats to their websites, services, and reputations.

Indusface

Indusface

Indusface offers best website security, web application firewall and SSL certificate to keep your online business much safer.

AAROH

AAROH

AAROH helps customers in Government, Law Enforcement, and Enterprises to identify, prevent, detect, resolve and protect from threats, crimes, breaches & fraud.

Swiss Cyber Think Tank (SCTT)

Swiss Cyber Think Tank (SCTT)

The Swiss Cyber Think Tank is a business network for Cyber Risk & Insurability, providing an industry-wide networking platform for insurers, technology and security firms.

Injazat

Injazat

Injazat Data Systems is an industry recognized market leader in the Gulf region for Information Technology, Data Center and Managed Services.

Brighterion

Brighterion

Brighterion solutions stop payment and acquirer fraud, reduce credit risk and delinquency, fight financial crime, prevent healthcare fraud, waste and abuse, and more.

Risk Strategies

Risk Strategies

Risk Strategies is a leading specialty risk management consultancy and insurance broker offering smarter, practical approaches to risk mitigation including Cyber Liability insurance.

Blockfence

Blockfence

Blockfence are a seasoned crew versed in enterprise-grade cybersecurity and crypto, on a mission to collaboratively shape the future of Web3 security.

Verastel

Verastel

Specializing in the niche space of proactive cyber-defense, and adaptive resilience, team Verastel is bolstering enterprise digital security like never before.

Corinium Global Intelligence

Corinium Global Intelligence

At Corinium, we have been bringing together the brightest minds in data, AI and info sec since 2013, to innovate at the intersection of technological advancements and critical thinking.

AccessIT Group

AccessIT Group

AccessIT Group is a specialized cybersecurity solutions provider offering a full range of advanced security services.

Cybersecurity Elastic Laboratory (CEL)

Cybersecurity Elastic Laboratory (CEL)

CEL specialize in providing top-tier services in vulnerability diagnosis and penetration testing, offering a comprehensive suite of solutions to mitigate cyber risks.

DataTrails

DataTrails

DataTrails enables organizations to prove and verify the provenance and authenticity of any data they use in their business operations.