802
edits
Changes
Jump to navigation
Jump to search
GC Cyber Security Event Management Tools and Templates (view source)
Revision as of 09:31, 14 April 2021
, 09:31, 14 April 2021Created page with "GCpedia GCdirectoryGCintranetGCconnexGCcollab Français Search Search website Search GCTools Editing GC Cyber Security Event Management Tools and Templates Currently editin..."
GCpedia
GCdirectoryGCintranetGCconnexGCcollab
Français
Search
Search website
Search GCTools
Editing GC Cyber Security Event Management Tools and Templates
Currently editing:pending refresh… (click this box or start editing)
BoldItalicExternal link (remember http:// prefix)Internal linkEmbedded fileReferenceAdvancedSpecial charactersHelp
<div class="center">
{| class="FCK__ShowTableBorders" style="border: 2px solid rgb(110, 110, 110);" width="1000"
|-
! style="background: rgb(248, 224, 224); color: black;" width="16%" scope="col" | [[GC Cyber Security Event Management|Overview]]
! style="background: rgb(248, 224, 224); color: black;" width="16%" scope="col" | [[GC Cyber Security Event Management Documentation|Documentation]]
! style="background: rgb(247, 129, 129); color: black;" width="25%" scope="col" | [[GC Cyber Security Event Management Tools and Templates|Tools, Templates, and Reference Materials]]
! style="background: rgb(248, 224, 224); color: black;" width="16%" scope="col" | [[GC Cyber Security Event Management CCCS Products|CCCS Products]]
! style="background: rgb(248, 224, 224); color: black;" width="16%" scope="col" | [[GC Cyber Security Event Management Contact Information|Contact Information]]
! style="background: rgb(248, 224, 224); color: black;" width="16%" scope="col" | [[GC Cyber Security Event Management Glossary|Glossary]]
|}
</div>
{{TOCright}}
<br />
== Cyber Security Incident Reporting ==
E-mail: cyberincident@cyber.gc.ca
Entrust Key: For secure communications, the Cyber Centre's public Entrust Key
is available upon request. Alternatively, the Cyber Centre's Public Pretty Good
Privacy (PGP) key (Text format 3KB) is also available upon request.
For general information, please contact the Canadian Centre for Cyber Security:
Email: contact@cyber.gc.ca
Toll Free: 1-833-CYBER-88 (1-833-292-3788)
Local: 613-949-7048
== Cyber Security Incident Log Template ==
[[Media:Cyber_Security_Incident_Log_-_Template_(v1.0).xls|Cyber Security Incident Log Template (English)]] <br />
[[Media:Cyber_Security_Incident_Log_Template_(v1.0)-FR.xls|Cyber Security Incident Log Template (French)]]<br />
== Standard Operating Procedure (SOP) Templates ==
[[Media:GC CSEMP - Templates - Managed Service Event Management Standard Operating Procedure.docx|SOP template for Externally Managed Services (Draft - English)]]<br />
SOP template for Externally Managed Services (''French - Coming soon'')
== Reference Materials ==
=== Generic Account Guidance ===
[[Media:Generic Mailboxes-EN.docx|Download generic mailbox account guidance]]<br />
[[Media:Courriel Generiques.docx|Télécharger Guide sur les comptes de courriel génériques]]
=== Quick Reference Guide ===
[[Media:GC CSEMP Quick Reference Guide.pptx|Download GC CSEMP]] [[Quick]] Reference Guide (v1.4)<br />
[[Media:GC CSEMP - Quick Reference Guide - FR.docx|Télécharger le PGEC GC guide de référence rapide (v1.2) nouvelle version à venir]]
<br />
<!--[[File:CSEMP-QuickReference.JPG|1450px]]
==== -- Impact Assessment (Step 1) -- ====
Severity: The severity of the injury refers to the level of harm, damage or loss (e.g. from physical injury to loss of life, from minor financial losses to loss of financial viability, from minor inconvenience to significant hardship). The severity of the injury may be characterized as limited, serious or severe, based on an assessment of the following types of injury:
*Harm to the health and safety of individuals;
*Financial losses or economic hardship;
*Impacts to government programs/services;
*Loss of civil order or national sovereignty; and,
*Damage to reputations or relationships.
Other factors specific to a departmental or agency mandate or operational context may also be considered.
Scope: The scope of injury refers to the number of people, organizations, facilities or systems impacted, the geographical area affected (e.g. localized or widespread), or duration of the injury (e.g. short term or long term). The scope of injury can be characterized as:
*Wide: widespread; national or international; multiple countries or jurisdictions; major government programs or sectors;
*Medium: jurisdiction, business sector, government program; group or community; or
*Narrow: individual, small business.
===== Potential Expected Results of a Compromise =====
The table below can be consulted to analyze potential expected results of a compromise and validate the outcome of the initial injury test. Once confirmed, this value can be entered in the incident report and submitted to the GC-CIRT.
{| class="wikitable"
|-
!Impact
!Result of Compromise
|-
|Very High
|
*Widespread loss of life
*Major long-term damage to the Canadian economy
*Severe impediment to national security (e.g. compromising capabilities of Canadian Forces or national intelligence operations)
*Severe damage to diplomatic or international relations
*Long-term loss of public confidence in the GC that disrupts the stability of government
|-
|High
|
*Severe injury or loss of life to a group of individuals, or widespread serious injury
*Serious financial loss that impedes the Canadian economy, compromises the viability of a GC program or reduces international competitiveness
*Serious impediment to one or more mission-critical programs/services or impediment to national security
*Serious damage to international relations that could result in a formal protest or sanction
*Long-term loss of public confidence in the GC that disrupts a priority objective of the government
|-
|Medium
|
*Threat to the life or safety of an individual, or serious injury to a group of individuals
*Financial loss that affects performance across a sector of the economy, affects GC program outcomes or affects the well-being of a large number of Canadians
*Serious impediment to public-facing programs/services or departmental operations, jeopardizing program objectives
*Damage to federal-provincial relations
*Serious loss of public trust or confidence in the GC or embarrassment to the GC
|-
|Low
|
*Physical or psychological harm to an individual
*Financial stress or hardship to an individual
*Impediment to departmental operations that could have a limited impact on program effectiveness
*Harm to the reputation of an individual or business
*Minor loss of public trust or confidence in the GC
|}
==== -- Risk Assessment Exposure Levels (Step 2) -- ====
'''Low'''
*Low likelihood that threat will target GC
*Vulnerability very difficult to exploit
*Vulnerable systems are not directly exposed (e.g. standalone systems)
*Existing security controls effectively counter threat or vulnerability
'''Medium'''
*Medium likelihood that threat will target GC
*Vulnerability exploitable with significant resources
*Vulnerable systems are visible to one department only (i.e. intranet)
*Existing security controls partially counter threat or vulnerability
'''High'''
*High likelihood that threat will target GC
*Vulnerability exploitable with moderate resources
*Vulnerable systems are visible to many departments (e.g. GC extranet)
*Existing security controls provide limited protection against threat or vulnerability
'''Very High'''
*Threat or compromise imminent
*Vulnerability easily exploitable with limited resources
*Vulnerable systems are highly exposed (e.g. Internet facing)
*Existing security controls do not provide protection against threat or vulnerability
-->
Summary:
This is a minor edit Watch this page
Please note that all contributions to GCpedia may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see GCpedia:Copyrights for details). Do not submit copyrighted work without permission!
Friendly reminder: As per the Terms and Conditions of use of GCconnex and the Terms and Conditions of use of GCpedia, sensitive, confidential, or inappropriate content can’t be posted on the GC2.0 Tools. This means that only “unprotected”, “unclassified” or “Protected A” documents can be posted.
Cancel
Template used on this page:
Navigation menu
EnglishGreggory.EltonTalkPreferencesMy favoritesWatchlistContributionsLog outPageDiscussionReadEditEdit sourceView historyUnwatchMove
Search GCpedia
GCpedia
Navigation
Main Page
Communities
Browse categories
Random page
Help
Help
FAQ
Actions/Tools
Upload a file
Special pages
Page Information
About page
Statistics
Related changes
What links here
Privacy policyAbout GCpediaTerms and conditions of useMobile view
GCdirectoryGCintranetGCconnexGCcollab
Français
Search
Search website
Search GCTools
Editing GC Cyber Security Event Management Tools and Templates
Currently editing:pending refresh… (click this box or start editing)
BoldItalicExternal link (remember http:// prefix)Internal linkEmbedded fileReferenceAdvancedSpecial charactersHelp
<div class="center">
{| class="FCK__ShowTableBorders" style="border: 2px solid rgb(110, 110, 110);" width="1000"
|-
! style="background: rgb(248, 224, 224); color: black;" width="16%" scope="col" | [[GC Cyber Security Event Management|Overview]]
! style="background: rgb(248, 224, 224); color: black;" width="16%" scope="col" | [[GC Cyber Security Event Management Documentation|Documentation]]
! style="background: rgb(247, 129, 129); color: black;" width="25%" scope="col" | [[GC Cyber Security Event Management Tools and Templates|Tools, Templates, and Reference Materials]]
! style="background: rgb(248, 224, 224); color: black;" width="16%" scope="col" | [[GC Cyber Security Event Management CCCS Products|CCCS Products]]
! style="background: rgb(248, 224, 224); color: black;" width="16%" scope="col" | [[GC Cyber Security Event Management Contact Information|Contact Information]]
! style="background: rgb(248, 224, 224); color: black;" width="16%" scope="col" | [[GC Cyber Security Event Management Glossary|Glossary]]
|}
</div>
{{TOCright}}
<br />
== Cyber Security Incident Reporting ==
E-mail: cyberincident@cyber.gc.ca
Entrust Key: For secure communications, the Cyber Centre's public Entrust Key
is available upon request. Alternatively, the Cyber Centre's Public Pretty Good
Privacy (PGP) key (Text format 3KB) is also available upon request.
For general information, please contact the Canadian Centre for Cyber Security:
Email: contact@cyber.gc.ca
Toll Free: 1-833-CYBER-88 (1-833-292-3788)
Local: 613-949-7048
== Cyber Security Incident Log Template ==
[[Media:Cyber_Security_Incident_Log_-_Template_(v1.0).xls|Cyber Security Incident Log Template (English)]] <br />
[[Media:Cyber_Security_Incident_Log_Template_(v1.0)-FR.xls|Cyber Security Incident Log Template (French)]]<br />
== Standard Operating Procedure (SOP) Templates ==
[[Media:GC CSEMP - Templates - Managed Service Event Management Standard Operating Procedure.docx|SOP template for Externally Managed Services (Draft - English)]]<br />
SOP template for Externally Managed Services (''French - Coming soon'')
== Reference Materials ==
=== Generic Account Guidance ===
[[Media:Generic Mailboxes-EN.docx|Download generic mailbox account guidance]]<br />
[[Media:Courriel Generiques.docx|Télécharger Guide sur les comptes de courriel génériques]]
=== Quick Reference Guide ===
[[Media:GC CSEMP Quick Reference Guide.pptx|Download GC CSEMP]] [[Quick]] Reference Guide (v1.4)<br />
[[Media:GC CSEMP - Quick Reference Guide - FR.docx|Télécharger le PGEC GC guide de référence rapide (v1.2) nouvelle version à venir]]
<br />
<!--[[File:CSEMP-QuickReference.JPG|1450px]]
==== -- Impact Assessment (Step 1) -- ====
Severity: The severity of the injury refers to the level of harm, damage or loss (e.g. from physical injury to loss of life, from minor financial losses to loss of financial viability, from minor inconvenience to significant hardship). The severity of the injury may be characterized as limited, serious or severe, based on an assessment of the following types of injury:
*Harm to the health and safety of individuals;
*Financial losses or economic hardship;
*Impacts to government programs/services;
*Loss of civil order or national sovereignty; and,
*Damage to reputations or relationships.
Other factors specific to a departmental or agency mandate or operational context may also be considered.
Scope: The scope of injury refers to the number of people, organizations, facilities or systems impacted, the geographical area affected (e.g. localized or widespread), or duration of the injury (e.g. short term or long term). The scope of injury can be characterized as:
*Wide: widespread; national or international; multiple countries or jurisdictions; major government programs or sectors;
*Medium: jurisdiction, business sector, government program; group or community; or
*Narrow: individual, small business.
===== Potential Expected Results of a Compromise =====
The table below can be consulted to analyze potential expected results of a compromise and validate the outcome of the initial injury test. Once confirmed, this value can be entered in the incident report and submitted to the GC-CIRT.
{| class="wikitable"
|-
!Impact
!Result of Compromise
|-
|Very High
|
*Widespread loss of life
*Major long-term damage to the Canadian economy
*Severe impediment to national security (e.g. compromising capabilities of Canadian Forces or national intelligence operations)
*Severe damage to diplomatic or international relations
*Long-term loss of public confidence in the GC that disrupts the stability of government
|-
|High
|
*Severe injury or loss of life to a group of individuals, or widespread serious injury
*Serious financial loss that impedes the Canadian economy, compromises the viability of a GC program or reduces international competitiveness
*Serious impediment to one or more mission-critical programs/services or impediment to national security
*Serious damage to international relations that could result in a formal protest or sanction
*Long-term loss of public confidence in the GC that disrupts a priority objective of the government
|-
|Medium
|
*Threat to the life or safety of an individual, or serious injury to a group of individuals
*Financial loss that affects performance across a sector of the economy, affects GC program outcomes or affects the well-being of a large number of Canadians
*Serious impediment to public-facing programs/services or departmental operations, jeopardizing program objectives
*Damage to federal-provincial relations
*Serious loss of public trust or confidence in the GC or embarrassment to the GC
|-
|Low
|
*Physical or psychological harm to an individual
*Financial stress or hardship to an individual
*Impediment to departmental operations that could have a limited impact on program effectiveness
*Harm to the reputation of an individual or business
*Minor loss of public trust or confidence in the GC
|}
==== -- Risk Assessment Exposure Levels (Step 2) -- ====
'''Low'''
*Low likelihood that threat will target GC
*Vulnerability very difficult to exploit
*Vulnerable systems are not directly exposed (e.g. standalone systems)
*Existing security controls effectively counter threat or vulnerability
'''Medium'''
*Medium likelihood that threat will target GC
*Vulnerability exploitable with significant resources
*Vulnerable systems are visible to one department only (i.e. intranet)
*Existing security controls partially counter threat or vulnerability
'''High'''
*High likelihood that threat will target GC
*Vulnerability exploitable with moderate resources
*Vulnerable systems are visible to many departments (e.g. GC extranet)
*Existing security controls provide limited protection against threat or vulnerability
'''Very High'''
*Threat or compromise imminent
*Vulnerability easily exploitable with limited resources
*Vulnerable systems are highly exposed (e.g. Internet facing)
*Existing security controls do not provide protection against threat or vulnerability
-->
Summary:
This is a minor edit Watch this page
Please note that all contributions to GCpedia may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see GCpedia:Copyrights for details). Do not submit copyrighted work without permission!
Friendly reminder: As per the Terms and Conditions of use of GCconnex and the Terms and Conditions of use of GCpedia, sensitive, confidential, or inappropriate content can’t be posted on the GC2.0 Tools. This means that only “unprotected”, “unclassified” or “Protected A” documents can be posted.
Cancel
Template used on this page:
Navigation menu
EnglishGreggory.EltonTalkPreferencesMy favoritesWatchlistContributionsLog outPageDiscussionReadEditEdit sourceView historyUnwatchMove
Search GCpedia
GCpedia
Navigation
Main Page
Communities
Browse categories
Random page
Help
Help
FAQ
Actions/Tools
Upload a file
Special pages
Page Information
About page
Statistics
Related changes
What links here
Privacy policyAbout GCpediaTerms and conditions of useMobile view
