SlideShare a Scribd company logo

workshop1-michel-boulet-e

G
guest66dc5f
Technology
1 of 17
Download to read offline
Industrial Security Sector Presentation to Banking Colloquium On Government – Industry Security Program Equivalency
Presentation Security Program Equivalency • General Presentation on the Industrial Security Program • Pilot Project: – Government of Canada provision of security program equivalency to the Government Security Policy (GSP) in the Private Sector at the Reliability Status level
Industrial Security • Created in 1941 –65th anniversary this year • Mandates: NATO-International agreements-DPA-GSP • Lead Agency under the Government Security Policy (GSP) and DSA under NATO • Protection of Canadian and foreign Government sensitive assets/information/ in industry • In PWGSC because contractual clauses are used to ensure compliance (for Classified/Protected assets)
Industrial Security Sector One stop shopping for: • “security clearances/approvals” to bid on/participate in classified/Protected government contracts in Canada and abroad • Access to “controlled goods” under the Controlled Goods Regime of the Defence Production Act (DPA)
Industrial Security Program • Facility Security Clearances • Personnel Security Clearances • Visit clearances • Related services
Industrial Security Program: Primary Services • Security clearances – companies/ personnel • Processing of Visits/Transmission of Classified assets • Maintain Security databases and certify automated systems • Contract security (e.g.: proper clauses) • International Security (MOU’s/Agreements/Arrangements
Primary Services (cont’d) • Outreach – Training and awareness – Policy Development • Compliance monitoring (inspections) • Enforcement (investigations) • Advice, consultation and assistance to industry
Industrial Security Services are Vital to: • Maintaining the trust & confidence of NATO and other allies • Protecting $Billions in annual trade with the USA • Ensuring the continued sharing of US and other sensitive technologies with Canadian industry • Maintaining Canada’s ITAR exemption
Statistics • 5,800 + Companies registered • 80,000+ Personnel Security Clearances/yr • 300,000 screened people in data base • 2,700+ Visits Clearances Requests / Verification of personnel security clearances of approx. 23,000 visitors
ISP Workload Drivers • 9/11 - war in Iraq - anti-terrorism contracting and consulting • 2002 Government Security Policy • 2004 National Security Policy • Increase in Government contracts containing security requirements (Canadian and foreign) • U.S. pressure on Canada to tighten up perceived security weaknesses
Pilot Project: Equivalency Policy • Objective: – Determine whether the Government of Canada can provide, based on the Government Security Policy (GSP) as applied by the Industrial Security Program (ISP) of PWGSC, an equivalency at the Reliability Status level, to the security program of the ScotiaBank Group.
Principles 1. Establish baseline requirements for providing a Reliability Status equivalency between the security programs of the ScotiaBank Group and that of the Government of Canada (GC). 2. Reflect the 2002 revised Government Security Policy (GSP) as well as its applicable operational standards as stipulated in the Industrial Security Manual; 3. Support the National Security Policy; 4. Reflect the changes in the security environment since the incidents of 9/11; 5. Enhance consistency between the GC and the private industry with respect to industrial security;
Principles (Cont’d) 6. Reflect the need to apply a standard in the exchange of protected/sensitive information outside the control of the Government of Canada; 7. Promote training and awareness in the private sector regarding the requirements of security in the application of the GSP and the industrial security program; 8. Examine the actions to be taken in the event of non-compliance with the equivalency policy; 9. Create an audit requirement to review compliance with this requirement; and 10. Provide a matrix for application to other interested Canadian Chartered Banks
Matrix for Equivalency • The primary means by which an equivalency policy will be developed will be through the mapping of the security program of the ScotiaBank Group and that of the GC. • A Table of Requirements will then be populated to provide the means to compare the requirements of the Government of Canada versus those offered by the ScotiaBank Group.
Policy Requirements • Security Program (or equivalent) • Information Technology Security • Security Screening • Physical Security • Business Continuity Planning • Investigation of Security Incidents • Training and Awareness
Policy Components • Governance Structure composed of Government and Industry Representatives • Risk Management and Consequences • Audit • Accountability
Conclusion • Final Objectives: – Granting by the Government of Canada of an equivalency with respect to security to the Scotia Bank Group – Presentation of the result of the Pilot Project before an Association such as the Canadian Bankers Association (CBA) for wider dissemination

Recommended

mHealth Israel_MATIMOP_Product Adaptation Program for India_March 2016
mHealth Israel_MATIMOP_Product Adaptation Program for India_March 2016mHealth Israel_MATIMOP_Product Adaptation Program for India_March 2016
mHealth Israel_MATIMOP_Product Adaptation Program for India_March 2016
Levi Shapiro
 
Media and Public Health Law
Media and Public Health LawMedia and Public Health Law
Media and Public Health Law
guest66dc5f
 
Ajit-Legiment_Techniques
Ajit-Legiment_TechniquesAjit-Legiment_Techniques
Ajit-Legiment_Techniques
guest66dc5f
 
Griggs - Met Office
Griggs - Met OfficeGriggs - Met Office
Griggs - Met Office
guest66dc5f
 
jfec0606_ay07sae
jfec0606_ay07saejfec0606_ay07sae
jfec0606_ay07sae
guest66dc5f
 
04_Day_1_Melillo
04_Day_1_Melillo04_Day_1_Melillo
04_Day_1_Melillo
guest66dc5f
 
0309JUSTICEITSTANEK
0309JUSTICEITSTANEK0309JUSTICEITSTANEK
0309JUSTICEITSTANEK
guest66dc5f
 
Its time to Fix the Firewall
Its time to Fix the Firewall Its time to Fix the Firewall
Its time to Fix the Firewall
ITogether
 

Recommended

mHealth Israel_MATIMOP_Product Adaptation Program for India_March 2016
mHealth Israel_MATIMOP_Product Adaptation Program for India_March 2016mHealth Israel_MATIMOP_Product Adaptation Program for India_March 2016
mHealth Israel_MATIMOP_Product Adaptation Program for India_March 2016
Levi Shapiro
 
Media and Public Health Law
Media and Public Health LawMedia and Public Health Law
Media and Public Health Law
guest66dc5f
 
Ajit-Legiment_Techniques
Ajit-Legiment_TechniquesAjit-Legiment_Techniques
Ajit-Legiment_Techniques
guest66dc5f
 
Griggs - Met Office
Griggs - Met OfficeGriggs - Met Office
Griggs - Met Office
guest66dc5f
 
jfec0606_ay07sae
jfec0606_ay07saejfec0606_ay07sae
jfec0606_ay07sae
guest66dc5f
 
04_Day_1_Melillo
04_Day_1_Melillo04_Day_1_Melillo
04_Day_1_Melillo
guest66dc5f
 
0309JUSTICEITSTANEK
0309JUSTICEITSTANEK0309JUSTICEITSTANEK
0309JUSTICEITSTANEK
guest66dc5f
 
Its time to Fix the Firewall
Its time to Fix the Firewall Its time to Fix the Firewall
Its time to Fix the Firewall
ITogether
 
Qatar's NIA Policy Program
Qatar's NIA Policy ProgramQatar's NIA Policy Program
Qatar's NIA Policy Program
Samir Pawaskar
 
Pablo sobrino smart-dps presentation to itac - march 4-2014 - english
Pablo sobrino smart-dps presentation to itac - march 4-2014 - englishPablo sobrino smart-dps presentation to itac - march 4-2014 - english
Pablo sobrino smart-dps presentation to itac - march 4-2014 - english
KBIZEAU
 
Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of...
Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of...Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of...
Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of...
AdaCore
 
Downstream Energy Security (Indonesia) At NO COST to Government ( Jan 2017)
Downstream Energy Security (Indonesia) At NO COST to Government ( Jan 2017)Downstream Energy Security (Indonesia) At NO COST to Government ( Jan 2017)
Downstream Energy Security (Indonesia) At NO COST to Government ( Jan 2017)
Jeff Wilson
 
Leveraging Procurement for Socio-Economic Benefits - Presentation by Acting C...
Leveraging Procurement for Socio-Economic Benefits - Presentation by Acting C...Leveraging Procurement for Socio-Economic Benefits - Presentation by Acting C...
Leveraging Procurement for Socio-Economic Benefits - Presentation by Acting C...
KBIZEAU
 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working Together
EnergySec
 
US Electronic Security Market Outlook 2020
US Electronic Security Market Outlook 2020US Electronic Security Market Outlook 2020
US Electronic Security Market Outlook 2020
Neil Dave
 
GSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through Acquisition
Government Technology and Services Coalition
 
In order to have a successful IG program, one of the eight (8) I
In order to have a successful IG program, one of the eight (8) IIn order to have a successful IG program, one of the eight (8) I
In order to have a successful IG program, one of the eight (8) I
MalikPinckney86
 
Signal Intelligence Systems Market Competitive Research And Precise Outlook 2...
Signal Intelligence Systems Market Competitive Research And Precise Outlook 2...Signal Intelligence Systems Market Competitive Research And Precise Outlook 2...
Signal Intelligence Systems Market Competitive Research And Precise Outlook 2...
subishsam
 
Cyber Risk in the Energy Industry
Cyber Risk in the Energy IndustryCyber Risk in the Energy Industry
Cyber Risk in the Energy Industry
Tim Christ Executive Leadership
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...
Miguel A. Amutio
 
SME access to Defence contracts
SME access to Defence contractsSME access to Defence contracts
SME access to Defence contracts
Norman Housden
 
Security, Risk, Compliance & Controls - Cybersecurity Legal Framework in Hong...
Security, Risk, Compliance & Controls - Cybersecurity Legal Framework in Hong...Security, Risk, Compliance & Controls - Cybersecurity Legal Framework in Hong...
Security, Risk, Compliance & Controls - Cybersecurity Legal Framework in Hong...
Amazon Web Services
 
INITIATIVES TO ENHANCE CRITICAL INFRASTRUCTURE PROTECTION 2 .docx
INITIATIVES TO ENHANCE CRITICAL INFRASTRUCTURE PROTECTION 2 .docxINITIATIVES TO ENHANCE CRITICAL INFRASTRUCTURE PROTECTION 2 .docx
INITIATIVES TO ENHANCE CRITICAL INFRASTRUCTURE PROTECTION 2 .docx
maoanderton
 
How I Woke Up from the CMMC Compliance Nightmare
How I Woke Up from the CMMC Compliance NightmareHow I Woke Up from the CMMC Compliance Nightmare
How I Woke Up from the CMMC Compliance Nightmare
Ignyte Assurance Platform
 
GLASS Charter Information Pamphlet - About the GLASS Charter Initiative
GLASS Charter Information Pamphlet - About the GLASS Charter InitiativeGLASS Charter Information Pamphlet - About the GLASS Charter Initiative
GLASS Charter Information Pamphlet - About the GLASS Charter Initiative
phil_marsh
 
Laying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
Laying the Foundation: The Need for Cybersecurity in U.S. ManufacturingLaying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
Laying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
Ignyte Assurance Platform
 
BFSI Security Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
BFSI Security Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...BFSI Security Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
BFSI Security Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
IMARC Group
 
The Relationship between FDI Screening and Merger Control Reviews – LENIHAN –...
The Relationship between FDI Screening and Merger Control Reviews – LENIHAN –...The Relationship between FDI Screening and Merger Control Reviews – LENIHAN –...
The Relationship between FDI Screening and Merger Control Reviews – LENIHAN –...
OECD Directorate for Financial and Enterprise Affairs
 
Os Timed Original
Os Timed OriginalOs Timed Original
Os Timed Original
guest66dc5f
 
Control your entire house with your iPhone
Control your entire house with your iPhoneControl your entire house with your iPhone
Control your entire house with your iPhone
guest66dc5f
 

More Related Content

Similar to workshop1-michel-boulet-e

Qatar's NIA Policy Program
Qatar's NIA Policy ProgramQatar's NIA Policy Program
Qatar's NIA Policy Program
Samir Pawaskar
 
Pablo sobrino smart-dps presentation to itac - march 4-2014 - english
Pablo sobrino smart-dps presentation to itac - march 4-2014 - englishPablo sobrino smart-dps presentation to itac - march 4-2014 - english
Pablo sobrino smart-dps presentation to itac - march 4-2014 - english
KBIZEAU
 
Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of...
Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of...Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of...
Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of...
AdaCore
 
GSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through Acquisition
Government Technology and Services Coalition
 
In order to have a successful IG program, one of the eight (8) I
In order to have a successful IG program, one of the eight (8) IIn order to have a successful IG program, one of the eight (8) I
In order to have a successful IG program, one of the eight (8) I
MalikPinckney86
 
INITIATIVES TO ENHANCE CRITICAL INFRASTRUCTURE PROTECTION 2 .docx
INITIATIVES TO ENHANCE CRITICAL INFRASTRUCTURE PROTECTION 2 .docxINITIATIVES TO ENHANCE CRITICAL INFRASTRUCTURE PROTECTION 2 .docx
INITIATIVES TO ENHANCE CRITICAL INFRASTRUCTURE PROTECTION 2 .docx
maoanderton
 
How I Woke Up from the CMMC Compliance Nightmare
How I Woke Up from the CMMC Compliance NightmareHow I Woke Up from the CMMC Compliance Nightmare
How I Woke Up from the CMMC Compliance Nightmare
Ignyte Assurance Platform
 

Similar to workshop1-michel-boulet-e (20)

Qatar's NIA Policy Program
Qatar's NIA Policy ProgramQatar's NIA Policy Program
Qatar's NIA Policy Program
 
Pablo sobrino smart-dps presentation to itac - march 4-2014 - english
Pablo sobrino smart-dps presentation to itac - march 4-2014 - englishPablo sobrino smart-dps presentation to itac - march 4-2014 - english
Pablo sobrino smart-dps presentation to itac - march 4-2014 - english
 
Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of...
Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of...Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of...
Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of...
 
Downstream Energy Security (Indonesia) At NO COST to Government ( Jan 2017)
Downstream Energy Security (Indonesia) At NO COST to Government ( Jan 2017)Downstream Energy Security (Indonesia) At NO COST to Government ( Jan 2017)
Downstream Energy Security (Indonesia) At NO COST to Government ( Jan 2017)
 
Leveraging Procurement for Socio-Economic Benefits - Presentation by Acting C...
Leveraging Procurement for Socio-Economic Benefits - Presentation by Acting C...Leveraging Procurement for Socio-Economic Benefits - Presentation by Acting C...
Leveraging Procurement for Socio-Economic Benefits - Presentation by Acting C...
 
Industry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working TogetherIndustry Reliability and Security Standards Working Together
Industry Reliability and Security Standards Working Together
 
US Electronic Security Market Outlook 2020
US Electronic Security Market Outlook 2020US Electronic Security Market Outlook 2020
US Electronic Security Market Outlook 2020
 
GSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through Acquisition
 
In order to have a successful IG program, one of the eight (8) I
In order to have a successful IG program, one of the eight (8) IIn order to have a successful IG program, one of the eight (8) I
In order to have a successful IG program, one of the eight (8) I
 
Signal Intelligence Systems Market Competitive Research And Precise Outlook 2...
Signal Intelligence Systems Market Competitive Research And Precise Outlook 2...Signal Intelligence Systems Market Competitive Research And Precise Outlook 2...
Signal Intelligence Systems Market Competitive Research And Precise Outlook 2...
 
Cyber Risk in the Energy Industry
Cyber Risk in the Energy IndustryCyber Risk in the Energy Industry
Cyber Risk in the Energy Industry
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...
 
SME access to Defence contracts
SME access to Defence contractsSME access to Defence contracts
SME access to Defence contracts
 
Security, Risk, Compliance & Controls - Cybersecurity Legal Framework in Hong...
Security, Risk, Compliance & Controls - Cybersecurity Legal Framework in Hong...Security, Risk, Compliance & Controls - Cybersecurity Legal Framework in Hong...
Security, Risk, Compliance & Controls - Cybersecurity Legal Framework in Hong...
 
INITIATIVES TO ENHANCE CRITICAL INFRASTRUCTURE PROTECTION 2 .docx
INITIATIVES TO ENHANCE CRITICAL INFRASTRUCTURE PROTECTION 2 .docxINITIATIVES TO ENHANCE CRITICAL INFRASTRUCTURE PROTECTION 2 .docx
INITIATIVES TO ENHANCE CRITICAL INFRASTRUCTURE PROTECTION 2 .docx
 
How I Woke Up from the CMMC Compliance Nightmare
How I Woke Up from the CMMC Compliance NightmareHow I Woke Up from the CMMC Compliance Nightmare
How I Woke Up from the CMMC Compliance Nightmare
 
GLASS Charter Information Pamphlet - About the GLASS Charter Initiative
GLASS Charter Information Pamphlet - About the GLASS Charter InitiativeGLASS Charter Information Pamphlet - About the GLASS Charter Initiative
GLASS Charter Information Pamphlet - About the GLASS Charter Initiative
 
Laying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
Laying the Foundation: The Need for Cybersecurity in U.S. ManufacturingLaying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
Laying the Foundation: The Need for Cybersecurity in U.S. Manufacturing
 
BFSI Security Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
BFSI Security Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...BFSI Security Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
BFSI Security Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
 
The Relationship between FDI Screening and Merger Control Reviews – LENIHAN –...
The Relationship between FDI Screening and Merger Control Reviews – LENIHAN –...The Relationship between FDI Screening and Merger Control Reviews – LENIHAN –...
The Relationship between FDI Screening and Merger Control Reviews – LENIHAN –...
 

More from guest66dc5f

Os Timed Original
Os Timed OriginalOs Timed Original
Os Timed Original
guest66dc5f
 
Control your entire house with your iPhone
Control your entire house with your iPhoneControl your entire house with your iPhone
Control your entire house with your iPhone
guest66dc5f
 
Awesome car collection
Awesome car collectionAwesome car collection
Awesome car collection
guest66dc5f
 
Sunil-Hacking_firefox
Sunil-Hacking_firefoxSunil-Hacking_firefox
Sunil-Hacking_firefox
guest66dc5f
 
Rahul-Analysis_of_Adversarial_Code
Rahul-Analysis_of_Adversarial_CodeRahul-Analysis_of_Adversarial_Code
Rahul-Analysis_of_Adversarial_Code
guest66dc5f
 
Chetan-Mining_Digital_Evidence_in_Microsoft_Windows
Chetan-Mining_Digital_Evidence_in_Microsoft_WindowsChetan-Mining_Digital_Evidence_in_Microsoft_Windows
Chetan-Mining_Digital_Evidence_in_Microsoft_Windows
guest66dc5f
 
WHITEPAPER-7_years_of_Indian_Cyber_Law
WHITEPAPER-7_years_of_Indian_Cyber_LawWHITEPAPER-7_years_of_Indian_Cyber_Law
WHITEPAPER-7_years_of_Indian_Cyber_Law
guest66dc5f
 
Rohas-7_years_of_indian_cyber_laws
Rohas-7_years_of_indian_cyber_lawsRohas-7_years_of_indian_cyber_laws
Rohas-7_years_of_indian_cyber_laws
guest66dc5f
 
Shreeraj-Hacking_Web_2
Shreeraj-Hacking_Web_2Shreeraj-Hacking_Web_2
Shreeraj-Hacking_Web_2
guest66dc5f
 
Dror-Crazy_toaster
Dror-Crazy_toasterDror-Crazy_toaster
Dror-Crazy_toaster
guest66dc5f
 
Varun-Subtle_Security_flaws
Varun-Subtle_Security_flawsVarun-Subtle_Security_flaws
Varun-Subtle_Security_flaws
guest66dc5f
 
longisland_golf_07
longisland_golf_07longisland_golf_07
longisland_golf_07
guest66dc5f
 
GolfLakeCity_002
GolfLakeCity_002GolfLakeCity_002
GolfLakeCity_002
guest66dc5f
 

More from guest66dc5f (20)

Os Timed Original
Os Timed OriginalOs Timed Original
Os Timed Original
 
Control your entire house with your iPhone
Control your entire house with your iPhoneControl your entire house with your iPhone
Control your entire house with your iPhone
 
Awesome car collection
Awesome car collectionAwesome car collection
Awesome car collection
 
Freaky car number plates
Freaky car number platesFreaky car number plates
Freaky car number plates
 
David-FPGA
David-FPGADavid-FPGA
David-FPGA
 
Sunil-Hacking_firefox
Sunil-Hacking_firefoxSunil-Hacking_firefox
Sunil-Hacking_firefox
 
Rahul-Analysis_of_Adversarial_Code
Rahul-Analysis_of_Adversarial_CodeRahul-Analysis_of_Adversarial_Code
Rahul-Analysis_of_Adversarial_Code
 
Chetan-Mining_Digital_Evidence_in_Microsoft_Windows
Chetan-Mining_Digital_Evidence_in_Microsoft_WindowsChetan-Mining_Digital_Evidence_in_Microsoft_Windows
Chetan-Mining_Digital_Evidence_in_Microsoft_Windows
 
WHITEPAPER-7_years_of_Indian_Cyber_Law
WHITEPAPER-7_years_of_Indian_Cyber_LawWHITEPAPER-7_years_of_Indian_Cyber_Law
WHITEPAPER-7_years_of_Indian_Cyber_Law
 
Rohas-7_years_of_indian_cyber_laws
Rohas-7_years_of_indian_cyber_lawsRohas-7_years_of_indian_cyber_laws
Rohas-7_years_of_indian_cyber_laws
 
David-FPGA
David-FPGADavid-FPGA
David-FPGA
 
Shreeraj-Hacking_Web_2
Shreeraj-Hacking_Web_2Shreeraj-Hacking_Web_2
Shreeraj-Hacking_Web_2
 
Dror-Crazy_toaster
Dror-Crazy_toasterDror-Crazy_toaster
Dror-Crazy_toaster
 
Varun-Subtle_Security_flaws
Varun-Subtle_Security_flawsVarun-Subtle_Security_flaws
Varun-Subtle_Security_flaws
 
CostofWarinIraq
CostofWarinIraqCostofWarinIraq
CostofWarinIraq
 
NR-golf-sept07
NR-golf-sept07NR-golf-sept07
NR-golf-sept07
 
NR-golf-sept07
NR-golf-sept07NR-golf-sept07
NR-golf-sept07
 
golf
golfgolf
golf
 
longisland_golf_07
longisland_golf_07longisland_golf_07
longisland_golf_07
 
GolfLakeCity_002
GolfLakeCity_002GolfLakeCity_002
GolfLakeCity_002
 

Recently uploaded

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Recently uploaded (20)

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 

workshop1-michel-boulet-e

  • 1. Industrial Security Sector Presentation to Banking Colloquium On Government – Industry Security Program Equivalency
  • 2. Presentation Security Program Equivalency • General Presentation on the Industrial Security Program • Pilot Project: – Government of Canada provision of security program equivalency to the Government Security Policy (GSP) in the Private Sector at the Reliability Status level
  • 3. Industrial Security • Created in 1941 –65th anniversary this year • Mandates: NATO-International agreements-DPA-GSP • Lead Agency under the Government Security Policy (GSP) and DSA under NATO • Protection of Canadian and foreign Government sensitive assets/information/ in industry • In PWGSC because contractual clauses are used to ensure compliance (for Classified/Protected assets)
  • 4. Industrial Security Sector One stop shopping for: • “security clearances/approvals” to bid on/participate in classified/Protected government contracts in Canada and abroad • Access to “controlled goods” under the Controlled Goods Regime of the Defence Production Act (DPA)
  • 5. Industrial Security Program • Facility Security Clearances • Personnel Security Clearances • Visit clearances • Related services
  • 6. Industrial Security Program: Primary Services • Security clearances – companies/ personnel • Processing of Visits/Transmission of Classified assets • Maintain Security databases and certify automated systems • Contract security (e.g.: proper clauses) • International Security (MOU’s/Agreements/Arrangements
  • 7. Primary Services (cont’d) • Outreach – Training and awareness – Policy Development • Compliance monitoring (inspections) • Enforcement (investigations) • Advice, consultation and assistance to industry
  • 8. Industrial Security Services are Vital to: • Maintaining the trust & confidence of NATO and other allies • Protecting $Billions in annual trade with the USA • Ensuring the continued sharing of US and other sensitive technologies with Canadian industry • Maintaining Canada’s ITAR exemption
  • 9. Statistics • 5,800 + Companies registered • 80,000+ Personnel Security Clearances/yr • 300,000 screened people in data base • 2,700+ Visits Clearances Requests / Verification of personnel security clearances of approx. 23,000 visitors
  • 10. ISP Workload Drivers • 9/11 - war in Iraq - anti-terrorism contracting and consulting • 2002 Government Security Policy • 2004 National Security Policy • Increase in Government contracts containing security requirements (Canadian and foreign) • U.S. pressure on Canada to tighten up perceived security weaknesses
  • 11. Pilot Project: Equivalency Policy • Objective: – Determine whether the Government of Canada can provide, based on the Government Security Policy (GSP) as applied by the Industrial Security Program (ISP) of PWGSC, an equivalency at the Reliability Status level, to the security program of the ScotiaBank Group.
  • 12. Principles 1. Establish baseline requirements for providing a Reliability Status equivalency between the security programs of the ScotiaBank Group and that of the Government of Canada (GC). 2. Reflect the 2002 revised Government Security Policy (GSP) as well as its applicable operational standards as stipulated in the Industrial Security Manual; 3. Support the National Security Policy; 4. Reflect the changes in the security environment since the incidents of 9/11; 5. Enhance consistency between the GC and the private industry with respect to industrial security;
  • 13. Principles (Cont’d) 6. Reflect the need to apply a standard in the exchange of protected/sensitive information outside the control of the Government of Canada; 7. Promote training and awareness in the private sector regarding the requirements of security in the application of the GSP and the industrial security program; 8. Examine the actions to be taken in the event of non-compliance with the equivalency policy; 9. Create an audit requirement to review compliance with this requirement; and 10. Provide a matrix for application to other interested Canadian Chartered Banks
  • 14. Matrix for Equivalency • The primary means by which an equivalency policy will be developed will be through the mapping of the security program of the ScotiaBank Group and that of the GC. • A Table of Requirements will then be populated to provide the means to compare the requirements of the Government of Canada versus those offered by the ScotiaBank Group.
  • 15. Policy Requirements • Security Program (or equivalent) • Information Technology Security • Security Screening • Physical Security • Business Continuity Planning • Investigation of Security Incidents • Training and Awareness
  • 16. Policy Components • Governance Structure composed of Government and Industry Representatives • Risk Management and Consequences • Audit • Accountability
  • 17. Conclusion • Final Objectives: – Granting by the Government of Canada of an equivalency with respect to security to the Scotia Bank Group – Presentation of the result of the Pilot Project before an Association such as the Canadian Bankers Association (CBA) for wider dissemination