Overview

There are 1.7 million students along with more than $13B in research and development invested in higher education to protect (2017 figures), according to Universities Canada. As a result, the associated scope and costs of successful early prevention, detection and mitigation are unsustainable by one single institution.

Objective

The goal of the Canadian Shared Security Operations Centre (CanSSOC) project is to investigate the creation of a specialized cyber security incident and threat detection centre focused on the higher education sector. The members, partners and other stakeholders involved in CanSSOC are energized and eager to learn how the power of the collective can be harnessed to provide a stronger and more efficient defence against cyber security threats. There is strength in numbers!

There are similar efforts going on with our colleagues in the United States through OmniSOC.

Benefits

Protecting hundreds of thousands of devices, critical data and the people affected by potential cyber security breaches.
null
Greater service
The offering of an increased number of services as a result of combined resources, enabling a greater breadth and depth of incident detection and response options for participating institutions.
null
Rapid response time
The time between identifying an incident and responding to it will be reduced through the use of improved technologies, shared intelligence data and highly skilled employees.
null
Shared intelligence and tools
Developing best practices, incident detection and response tools and artificial intelligence, such as machine learning.
null
Enhanced security overall
By securing more trusted partners, smaller institutions can afford to participate, reducing the points of exposure for all institutions on the network.
null
Staff attraction and retention
The innovative nature of this project will attract highly-qualified specialists, including leading researchers and developers, who will want to be part of a team culture working with an exceptionally large set of security data.
null
Facilitate compliance
Easier compliance with security standards, regulations and frameworks by leveraging a greater wealth of specialized expertise across multiple institutions.
null
Increased visibility
Working as a collective will uncover more potential cyber security threats and attacks than any one institution can locate independently.
null
Recognition
Once launched, CanSSOC will be the first-of-its-kind cyber security operations centre in Canada and pioneering leadership/institutions will be recognized for their collective efforts and successes.

Academic Members

Project Deliverables

null
1. Services
List of services necessary to enable an CanSSOC for institutions in Canada.
null
2. Data, resources and staff
Understanding of the data, resources and staff required from participating institutions.
null
3. Cost model
An outline and cost model for the recommended operational technical architecture.
null
4. Process
A process for interaction between the institutions and a CanSSOC.
null
5. Operational budget
A detailed start-up and on-going operational budget, including necessary staff to manage and operate the CanSSOC.
null
6. Metrics
Metrics for the ongoing evaluation of the effectiveness of the CanSSOC.
null
7. Delivery mechanism
A recommended delivery mechanism for the CanSSOC.
null
8. Structure
A recommended governance structure to support an CanSSOC.
null
9. Feedback
Feedback on possible integration with other SSOCs.
null
10. Evaluation
Evaluation of alternatives to a SSOC.