It’s a strange time here at ORION — just like it is for everyone else. For us, it’s business as usual in an unusual way: we’re staying at home as much as possible, keeping in touch with each other and our constituents, keeping safe and healthy while hard at work. The COVID-19 crisis has seen an uptick in cybersecurity threats, and our ORION team has been monitoring them closely, ready to respond quickly whenever a threat appears. But we’ve also been enjoying the strong and secure foundation we’ve built and reinforced in recent years, and we’re excited to move forward with our plans to expand our cybersecurity features in the months and years to come.
As our province and our world become ever-more reliant on digital infrastructure, it’s important to protect vulnerable systems and people, as well as sensitive data. This has inspired several recent initiatives at ORION as we work with our constituents and partners to strengthen our cybersecurity.
STRENGTHENING THE CYBERSECURITY POSTURE FOR RESEARCH AND EDUCATION
As ORION’s Chief Technology Officer, I’m particularly proud of the new cybersecurity consortium we launched in 2019. The Ontario Cybersecurity Higher Education Consortium (ON-CHEC) brings together 29 higher education institutions —14 universities and 15 colleges — collaborating on our preparation for and response to cybersecurity threats.
“In higher education, we are at a disadvantage because we are a necessarily and uniquely open environment,” says Isaac Straley, Chief Information Security Officer at the University of Toronto, a member of ON-CHEC. “Whether you’re talking about a small teaching college or a large, research-intensive university, we face threats across the board. And working together is one of the only ways that we can both understand what threats we face and the best ways to deal with them.”
This is exactly the strength of ON-CHEC: it’s a shared approach, leveraging our collective experience and expertise, establishing common guidelines and frameworks across the province.
This is also the principal behind this year’s deployment of a Security Information Event Management (SIEM) system with multi-tenant capability. It collects and analyses data so we can respond to threats that affect the entire network more quickly and effectively. We expect that what we learn will provide the foundation for a shared SIEM approach in the future. Plus, we introduced a Distributed Denial of Service (DDoS) system, ready to detect and mitigate major DDoS events that might impact our network. And, as you may already know, we’ve been using CIRA D-Zone Anycast for five years now, a world-class anycast DNS infrastructure offered to all our connected institutions, providing further protection against DDoS attacks. We plan on continuing to build upon our relationship with D-Zone Anycast in the future.
The strength of collaboration is also amply evident in our community-focused approach to cybersecurity training. We launched ORION Community Training this year in response to community demand. Since then, we have been collecting feedback from training participants to understand how to improve the quality and range of workshops. We’ve also been working closely with the ON-CHEC team to develop recommended training pathways. The result is a new training program that will provide additional cybersecurity training opportunities to meet the unique needs of Ontario’s research, education, and innovation community.
Building partnerships is an incredibly important part of we what we do at ORION. And in the past year, we’ve been working with our partners across Canada, enhancing collaboration and strengthening our relationships, including those within Canada’s National Research and Education Network (NREN).
We have also become partners in CANARIE’s Joint Security Program (JSP), along with the other members of the NREN, uniting in a common approach to cybersecurity monitoring across Canada. And both CANARIE and ORION are also among those participating as partners in CanSSOC — a proof of concept which has brought six large Canadian universities together to create a Shared Security Operations Centre. As CanSSOC moves into a pilot phase, offering services such as continuous cybersecurity monitoring and a threat feed, we’re looking forward to a closer partnership and being able to extend new CanSSOC services to the ORION community, including with our ON-CHEC membership.
SUPPORTING RESEARCH AND INNOVATION
All of these enhancements work together to create a solid foundation that can foster innovation and new opportunities. By building and protecting a stable and secure connection for researchers, educators and innovators across the province, ORION empowers them in their vital work. Cybersecurity is one important part of that vision, ensuring that those who are working to build a better world don’t have to spend their time focused on security instead of the research and innovation that drives our province forward.
In 2020, we’ll continue building on the progress we made in 2019. In year two of ON-CHEC, we plan to move forward on security roadmaps and gap assessments, and we’ll streamline the cybersecurity review and self-assessment process. We’ve already launched a proof of concept for our shared SIEM project, and our expectation is that it will lay the groundwork for a more comprehensive shared SIEM capability in the future. We’ll build upon our partnerships with CanSSOC and CANARIE. And we’ll be extending our trial of additional DDoS detection and advanced mitigation with our connected institutions.
It’s been an incredible year — and I’m very excited about the plans we’ve made for the future of cybersecurity at ORION. We’ll continue working with our constituents and our partners to make our network ever-more secure.
Because it’s clear now more than ever: we’re stronger together.