There are 1.7 million students along with more than $13B in research and development invested in higher education to protect (2017 figures), according to Universities Canada. As a result, the associated scope and costs of successful early prevention, detection and mitigation are unsustainable by one single institution.
The goal of the Canadian Shared Security Operations Centre (CanSSOC) project is to investigate the creation of a specialized cyber security incident and threat detection centre focused on the higher education sector. The members, partners and other stakeholders involved in CanSSOC are energized and eager to learn how the power of the collective can be harnessed to provide a stronger and more efficient defence against cyber security threats. There is strength in numbers!
There are similar efforts going on with our colleagues in the United States through OmniSOC.
The outcome of the CanSSOC pilot will be a clear understanding of the best way to develop a shared national higher education Security Operations Centre (SOC). The project deliverables reflect the key processes, outputs and benchmarks required to achieve that goal.
Protecting hundreds of thousands of devices, critical data and the people affected by potential cyber security breaches.
The offering of an increased number of services as a result of combined resources, enabling a greater breadth and depth of incident detection and response options for participating institutions.
Rapid response time
The time between identifying an incident and responding to it will be reduced through the use of improved technologies, shared intelligence data and highly skilled employees.
Shared intelligence and tools
Developing best practices, incident detection and response tools and artificial intelligence, such as machine learning.
Enhanced security overall
By securing more trusted partners, smaller institutions can afford to participate, reducing the points of exposure for all institutions on the network.
Staff attraction and retention
The innovative nature of this project will attract highly-qualified specialists, including leading researchers and developers, who will want to be part of a team culture working with an exceptionally large set of security data.
Easier compliance with security standards, regulations and frameworks by leveraging a greater wealth of specialized expertise across multiple institutions.
Working as a collective will uncover more potential cyber security threats and attacks than any one institution can locate independently.
Once launched, CanSSOC will be the first-of-its-kind cyber security operations centre in Canada and pioneering leadership/institutions will be recognized for their collective efforts and successes.