Introduction to the Joint Security Project Webinar March 9, 2017 canarie.ca @canarie_inc
Download Webinar Slides > English: canarie.ca/network/security/jspwebinar > French: canarie.ca/reseau/securite/webinairepcs canarie.ca @canarie_inc 2
Webinar Recording Policy / Politique concernant l enregistrement des webinaires This webinar will be recorded and archived, including all audio. The video will be archived on the CANARIE YouTube channel and may be promoted through CANARIE communication channels. Any text questions or comments, if responded to, will remain anonymous and not be part of the recording. The recorded video will include your voice, if audio participation is enabled. Ce webinaire sera enregistré puis archivé, son compris. La vidéo sera conservée sur le canal YouTube de CANARIE et pourra être promue au moyen des filières de communication de CANARIE. Si on y répond, les questions écrites et orales demeureront anonymes et ne feront pas partie de l enregistrement. Toutefois, si la fonction «participation audio» a été activée, le fichier vidéo inclura votre voix. canarie.ca @canarie_inc 3
Webinar Information / Questions > Questions will be answered at the end of the webinar. Please use the question tool to type your questions. canarie.ca @canarie_inc 4
Joint Security Project > Joint project between CANARIE and Innovation, Science and Economic Development Canada (ISED) > Purpose: to develop a national view of the cybersecurity posture of research and higher education institutions connected to Canada s NREN* > Interest expressed in, and results gathered from this pilot will be used to support a funding request to develop a more complete cybersecurity program * National Research and Education Network canarie.ca @canarie_inc 5
Developing a National Security View canarie.ca @canarie_inc 6
Project Elements > Funded participants will install a CANARIE-procured, intrusion detection system (IDS) for threat and vulnerability detection, and receive funding to support the efforts of a technical staff member in meeting the funded participation obligations > Participants will also participate in a 1-day live training event with intrusion detection experts > 27 institutions will be selected to receive up to a maximum of $15K each in funding for a period of 6-8 months. > Data collection and management: Data collected will only be used by Project participants. Data management policy decisions will be made by Project participants, as a group, with consideration of sensitivities and circumstances. canarie.ca @canarie_inc 7
Benefits to Participants Enhancing capabilities through collaboration, training, technical assistance, and visualization > Collaboration with peers and top security leaders for technical assistance, data stewardship and knowledge exchange > Institutional and national perspective of threat detection and visualization canarie.ca @canarie_inc 8
How are we going to achieve this? > Two simultaneous pilot calls: Call for many participants (1), funded and non-funded, to deploy an open-source IDS on their institution s network Call for one Data Aggregation and Visualization Platform (2) to collect cybersecurity data from the participants IDS and render tools and visualizations used for detection and awareness Extensive, nation-wide interest in participation may lead to future funding. canarie.ca @canarie_inc 9
Engagement Timeline > Submission Deadline: March 27th, 2017 16:00 ET > Funding Announcement: April 18th, 2017 > Training Workshop: June 2017 > Project Completion: December 31, 2017 6-8 months for participants Simultaneous deployment of the Aggregation and Visualization Platform Let s get started! canarie.ca @canarie_inc 10
Who is eligible to participate? > Canadian research and higher education institutions that are connected to the NREN are eligible to participate. Use this cool tool to check if your institution is connected: Is My Institution Connected? > Federal research facilities are not eligible to be funded for participation, but are welcome to apply for nonfunded participation. > All eligible applicants who do not require funding will be selected to participate. > Non-funded participants are expected to install an IDS on their network and participate in scheduled meetings. canarie.ca @canarie_inc 11
Selection Criteria: Funded Participants (1) > Initial Selection: Based on highest FTE count: 15 universities* 2 community colleges / CEGEPs* 2 research facilities housing Canadian science instruments* 2 teaching hospitals* > Secondary Selection: Remaining Applications: The institution with FTE count at the median point* The institution with FTE count immediately below the median point* A minimum of four (4) additional institutions to provide maximum geographical diversity *In the event of a tie at any point in the selection process, ultimate selection will be based on enhancing geographical diversity of project participants. canarie.ca @canarie_inc 12
Selection Criteria: Deployment of an Aggregation and Visualization Platform (2) > Purpose of the platform is to support the needs of the Joint Security Project > One proposal selected based on the following criteria: Extent to which the platform aggregates data from multiple security related feeds from any IDS, including Bro. Extent to which the platform analytics and querying capabilities are optimized for cyber threats, security, and high performance. Extent to which the platform provides extensible visualization capabilities optimized for cyber threats. Extent to which the platform is able to collect data and provide project participants with access to the aggregated data and visualizations. Extent to which the platform could be developed or enhanced to provide different algorithms, tools, and analytics. canarie.ca @canarie_inc 13
Questions You Might Have The website states: The institution will install the CANARIE-provided IDS on their network;. Do you know what vendor has been selected and the specifications of the device being provided? > The device would be a Dell PowerEdge R630 or R730 Rack Server. The planned open-source IDS solution is Bro. (https://www.bro.org/). Training and technical support will be provided by the National Center of Supercomputing Applications (NCSA). For institutions that already have IDS, is it possible to contribute without installing and maintaining another piece of gear, assuming we conform to the proposed data standards? > Absolutely. The easiest way to do that is to apply for Non-Funded Participation. If you require funding we d prefer you install Bro to get the most out of the project (and it might be easier than converting data). Ultimately, we prefer you participate rather than opt out because you don t want to maintain another device. canarie.ca @canarie_inc 14
Finance Questions canarie.ca @canarie_inc 15
Questions You Might Have: Funded Participants (1) How are the funded participants going to receive payment? > CANARIE will make a payment with respect to the Participation obligations described in the Call Document: https://www.canarie.ca/network/cybersecurityinitiatives/funding/#1a > CANARIE reserves the right to reduce the payment where the Participation obligations have not been fulfilled. > The payment amount will be a maximum of $15,000. > The Payment becomes payable at the end of the Project (December 31, 2017). canarie.ca @canarie_inc 16
Questions You Might Have: Aggregation and Visualization Platform (2) CANARIE funding is claims based. What does that mean to me? > During the project, you submit claims quarterly. Claims must be accompanied by supporting documentation (e.g. employee timesheets, proof of salary, supplier invoices, etc.). CANARIE then reimburses your institution for eligible amounts claimed, less a 10% holdback which is paid at the end of the project. How do I know whether or not a project cost is eligible? > There is a schedule of eligible costs at the bottom of canarie.ca/network/cybersecurity-initiatives/funding. When in doubt, contact us: jointsecurity@canarie.ca. Are there any limits on eligible project costs that I should be aware of? > Special Purpose Equipment (SPE) is equipment necessary for the completion of the Project. To be an Eligible Cost, the SPE must be described in sufficient detail in the Statement of Work and approved budget. > Employee fringe benefits costs must not exceed 20% of eligible direct labour costs. > The total of sub-contractors and consulting fees must not exceed 10% of total eligible project costs. canarie.ca @canarie_inc 17
Questions You Might Have: Aggregation and Visualization Platform (2) Can I claim the overhead associated with employees working on my project? > No, you cannot claim any overhead. General office supplies, utilities, rent for office space, office equipment, etc. are considered overhead. What qualifies as an in-kind contribution? > In-kind salaries and wages paid at the rates shown in the organization s payroll records and incurred for the completion of the project, e.g. salary for university faculty or principal investigator. Anyone not paid a salary will not qualify as an in-kind contribution. Is there a minimum in-kind contribution? > No. canarie.ca @canarie_inc 18
Questions? canarie.ca @canarie_inc 19
canarie.ca @canarie_inc