130 likes | 154 Views
Information Security Research Program. Henry Lee Manager, Security Policy and Research Office of the Chief Information Officer December 2007. Information Security Branch. Chief Info. Security Officer Governance for Information Security.
E N D
Information Security Research Program Henry Lee Manager, Security Policy and Research Office of the Chief Information Officer December 2007
Information Security Branch Chief Info. Security Officer Governance for Information Security Security Strategies Security architecture, Policy and standards, Research, Application security Advisory Services Security consulting, Specialist Services, Awareness Compliance Mgmt. Compliance management, Audit, Compliance reporting Investigations and Response Investigations, Forensics, Response, Tracking and reporting
Information Security Research Program • Part of Information Security Program • Developed in 2006; Approved in 2007 • Goal • Promote information security research • Build security research network to facilitate research activities in the province • Enhance info. sharing with research community
Areas of Interest • Enterprise architecture and security management • Trust and identity • Security properties and vulnerabilities • Incident response and recovery • Forensics, trace-back and identification • Application security • Metrics and models • Governance, social and economic issues
Activities • Issue information security research grants • Engage in post-secondary curriculum development • Organize conferences and workshops • Perform internal research • Build research centres of excellence
Outcomes in 2007 • Information Security Research Grants • Issued $2.5 million for 30+ projects of 9 universities and colleges in the Province • Research focus: • Cyber Crime (e.g., child pornography, image detection) • Network Security (e.g., network pattern/traffic analysis, etc.) • Identity Management
Outcomes in 2007 Post-secondary curriculum development Collaboration with University of Victoria (Departments of CS and ECE) Developed two new courses and revised three existing courses Created Security Option within Bachelor of Software Engineering program New course will be delivered in Fall 2008
Outcomes in 2007 Conferences and workshops Organize two annual conferences: Privacy and Security (February) West Coast Security Forum (November) Periodic events within the public sector Security Day (Semi-annual) Protection of Information Awareness (As requested)
Outcomes in 2007 Internal research Over ten research papers Guidance for senior management decision making and policy development Survey from IM/IT leaders in the public and private sectors to seek best practices Collaborate with consulting networks (e.g., ISF, CEB, NCSIP)
Outcomes in 2007 Research centre of excellence Under planning Centres specialized in specific security issues Provide an interdisciplinary forum to bring collaboration between security researchers
Future Plan • Extend research areas • Support more projects • Engage more researchers and bring more active collaboration locally and internationally • Invite more security talent to the Province • Create a research ecosystem
Thank you! Henry.Lee@gov.bc.ca Information Security Branch