Police Prepare for Cyber Attacks

The Halifax Regional Police department is on the hunt for a new chief information security officer to develop and then manage its IT security.

 Until the newly-created CISO position is filled, HRP’s systems are presumably more vulnerable to outside cyber-attacks. Just how vulnerable, though, the department isn’t saying.

“The field of IT security and delivery is evolving fast, and police departments’ security needs are unique and complex,” says HRP spokesperson Neera Ritcey. “In recognition of that, we are constantly assessing the effectiveness of our systems, and where necessary, we take action and are continuously improving our systems.”

The police department’s current business plan calls for the development of a cyber threat protocol and policy to help HRP combat external attacks. 

As part of that work, consultant group KPMG was hired to complete a “Cyber Threat Assessment” on HRP’s security of systems, data and policies.

A completed version of that assessment was submitted last year, but in a December update to the Board of Commissioners, chief Jean-Michel Blais writes there are “disagreements regarding security application. 

A Freedom of Information request recently for a copy of KPMG’s cyber threat assessment. The request was refused.

Police inspector and HRP FOIPOP coordinator Donald Mosher claims the release of even a redacted version of the report or any of the emails about its contents “could reasonably be expected to harm the security”. Ritcey explains away those “disagreements” alluded to by Blais as part of the normal “back-and-forth” that happens with any project.

Nevertheless, until an agreement on the way forward is reached and until an experienced CISO is hired, HRP is apparently unable to implement the findings.

Funding for the new CISO position was approved in last year’s police budget as part of an overall IT strategy. The future hire will develop a strategic view of security and operations, says Ritcey, and will act as HRP's liaison for all IT-related matters with HRM and partner agencies.

Candidates for the chief information security officer position will need a minimum 10 years in IT management. 

“The roles and approach to policing have seen unprecedented change,” reads a job ad. “Halifax Regional Police face increasing public expectations and scrutiny around their adoption of digital technology in their approaches to identifying, responding to and preventing crime in Halifax.”

The Halifax Regional Municipality is also looking for an outside assessment of its own IT security. A request for tenders released earlier this month asks for firms who can test out city hall's hardware and software vulnerabilities against attacks such as phishing and ransomware.

The  Coast

You Might Also Read:

Canada’s Electronic Spies Unleashed:

Canada Prioritizes Cyber-Attack:

Cybercrime in Canada:
 

 

« Delve Into GDPR - Questions & Answers
Cybersecurity Is A Job for CEOs, Not Just The IT Team »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

SealPath

SealPath

SealPath enables companies to protect and control their documents wherever they are: In their PC, in their corporate network, on a partner’s network, in the cloud.

Thermo Systems

Thermo Systems

Thermo Systems is a design-build control systems engineering and construction firm. Capabilties include industrial control system cybersecurity.

WetStone Technologies

WetStone Technologies

WetStone develops software solutions that support investigators and analysts engaged in eCrime Investigation, eForensics and incident response activities.

IAC

IAC

IAC is a specialist Irecruitment consultancy covering Internal Audit, Risk, Controls, Governance, IT Audit, and Cyber Security roles.

Fujitsu

Fujitsu

Fujitsu is the leading Japanese global information and communication technology company, offering a full range of products, solutions and services including Managed IT Services and Cyber Security.

Anitian

Anitian

The Anitian Compliance Automation platform builds, configures, and monitors cloud environments to accelerate compliance for standards such as FedRAMP, PCI, ISO/GDPR and CJIS.

Kleiner Perkins

Kleiner Perkins

For five decades, Kleiner Perkins has made history by partnering with some of the most ingenious and forward-thinking founders in technology and life sciences.

Fortress Information Security

Fortress Information Security

Fortress Information Security is one of the largest cyber security providers of supply chain risk management and vulnerability risk management in the US.

Key Cyber Solutions

Key Cyber Solutions

Key Cyber is an IT consulting firm that specializes in agile software development services, program management and infrastructure services, cyber security and cloud and managed services.

Futurae Technologies

Futurae Technologies

Futurae - enabling trust and invisible security for your users on all devices and applications. Strong customer authentication (SCA) made easy.

Winmill Software

Winmill Software

Winmill is a technology services company that provides expert consulting services in Application Development, Application Security and Cyber Security.

Avalon Cyber

Avalon Cyber

Arm your organization in the fight against cyberattacks by partnering with the experts at Avalon Cyber.

OneZero Solutions

OneZero Solutions

OneZero specialize in cybersecurity operations, information assurance, computer network operations, solutions engineering, and project management.

Telarus

Telarus

Telarus is a Technology Services Brokerage that holds contracts with the world's leading cloud voice, contact center, cybersecurity, mobility and IoT providers.

Sonar

Sonar

AI generated or written by humans, Sonar’s Clean Code Solutions cover your code quality needs, improving code reliability, maintainability, and security.

Mesh Security

Mesh Security

Mesh Security transforms security data, tools, and infra for enterprise-wide visibility and control.