1. Home
  2. Blog
  3. Strengthening Cyber Defence Through Proactive Solutions

Strengthening Cyber Defence Through Proactive Solutions


The Department of National Defence’s cyber capabilities have strengthened dramatically since 2016. Consistent empowerment of their people and an implementation of agile methods have enabled the organisation to stay “Strong, Secure
and Engaged.” With their cyber security at the core of Canada’s defence strategy, they’re on track to becoming increasingly pro-active while strengthening their cyber capabilities.

In this blog post, Sherry discusses the importance of educating staff and the key processes needed for a strong cyber defence capability.

What processes should government take to ensure a strong cyber defence system?

The key to creating a defensible security program for the long run is making sure you focus on three key areas; people, processes and technology. These three areas need to be resilient as they’re essential to having a strong defence system.
For people you need to focus on hiring the right talent for the job, make sure they’re trained and obtain adequate resourcing capabilities to meet your mandates. You also need to educate employees about the processes around cyber security and encourage them to do the best job that they can through continuous support.

Process is about building sustainable cyber defence operations by establishing viable procedures in how you’re going to do that. So, you need to consider everything, such as playbooks, checklists or setting up operating procedures for your team. This creates standardisation for mitigating and implementing stronger cyber capabilities.

With technology, you need to have the proper tools in place, such as monitoring, detection and mitigation tools to perform the tasks required. Prioritize and spend money on the best tools you can afford to cover each area. Don’t buy one version and expect that it will solve all your security issues.

You need to continuously refine your people, process and technology strategies and improve upon them because you’re never going to get those 100% correct from the start. Therefore it’s important to progress constantly, day by day, even by a small percentage point because that is better than staying status quo or not addressing security concerns.

How do you handle risks without disrupting business as usual?

Education and awareness are necessary to ensure that we’re capably balancing risk management with business as usual. This is why we have enabled a culture here where it is okay to learn from mistakes and feel this actually improves incident reporting. We encourage going back to the drawing board if it doesn’t work and improving upon it.

We’re very open to the fact that not everything is perfect from the get go, mistakes are okay, changes are okay and the goal is to continuously develop how we can improve risk. We also keep our clients and employees informed about new security threats and scams, advising them on how to recognize and react to risks. This is because at the end of the day, it doesn’t matter how great your tools are or how much you’ve invested in insurance or disaster recovery, one click by a user is more than enough to lead to something malicious that can expose your entire network.

Finally, we don’t necessarily restrict an entire network and users when one bad thing happens, but rather we educate. For example, if there is a simple virus transferred via a USB into a system we don’t immediately lock down all of the ports and ban all USBs on that network, we contain and mitigate the actual issue at hand. Of course depending on the type of malware we take different mitigation paths but we don’t take a sledgehammer approach to security.

Sometimes portable media is often the only viable means to transfer information between networks, banning USB’s would slow down the business and operations. This is why, we need to educate staff on proper usage to maintain optimal security standards. Our priority is to secure our systems, but at the same time, do so in a way that doesn’t affect the business and our day-to-day operations.

What are the main challenges that you have had with cyber security and how do you overcome them?


Some of the main challenges I have had in this industry is having people higher up in leadership who fear cyber security and don’t understand the importance of continuous improvement, being pro-active rather than reactive and addressing skills gaps. Often, when you’re presenting security concerns to high-level executives or business professionals they don’t grasp the context that security is not always tangible as they’re used to working with numbers as the deciding factor. This is why they sometimes ask if system patching or upgrades are really necessary or if the risk is really that great because they haven’t budgeted for it.

In this case, it’s always important to explain why we need these upgrades and let them know the importance of proactively rectifying these risks and vulnerabilities to continue business processes. Often they don’t understand the impact of a security concern and as a result sometimes a culture of inactivity and risk ignorance is created.

Being pro-active right now is so important because most businesses lack a defined security maturity model and businesses tend to invest in improvements only when something bad happens. Also, when you’re always so reactive you won’t have the proper KPIs to measure against for pro-active improvements. This is why it’s important to educate your executive staff on cyber security to get necessary buy in.

To read the rest of the extensive article, you can request a copy here.

If you’re interested in learning more about how the Department of National Defence Canada is working to educate their staff and leaders to create a stronger cyber defence capability then join Sherry at the Cyber Security for the Public Sector 2018 event. This event, held on the 27th-28th of November at the Park Royal Darling Harbour, brings together over 14+ cyber security experts from organisations such as; the Australian Defence Force, AustCyber, Department of Parliamentary Services, icare and the Australian Taxation Office.

To see the full session and speaker line-up, request a copy of the latest agenda here or simply download it via the agenda link above.



Return to Blog