In a context where cyberattacks pose a constant threat, the University of Ottawa is soon finalizing a significant update to its cyberattack response plan. Known as Cybersecurity Incident Response Plan, involving various key University sectors collaborating, including the Office of the Chief Risk Officer, the Access to Information and Privacy Office, Central Communications, Legal services, the Office of Emergency Management, Protection services and Information Technology. The plan aims to effectively coordinate responses to attacks and protect the University's assets and its members.
This initiative represents an important opportunity to proactively prepare for cyberattacks, the risk of which is increasing more and more in today's digital world. By adopting this plan, the University demonstrates its commitment to data protection and securing its IT systems, ensuring a safer digital environment for the university community where all synergies are harnessed toward this goal.
The contribution of various stakeholders will significantly enhance the content of the plan, which will be reviewed periodically to strengthen its components and processes, demonstrating the importance of interdisciplinary collaboration in managing risks related to cybersecurity.
"In response to the evolving cyber threat landscape, uOttawa has launched a comprehensive initiative aimed at strengthening our cyber incident response capabilities. Led by our IT Information Security Office, this project is rooted in fostering synergy and collaboration across departments, significantly enhancing our collective capacity to tackle cyber threats effectively. This project represents a significant step forward in our commitment to cybersecurity and operational continuity. By championing collaboration, preparedness, and resilience, we are not just responding to immediate threats but are proactively setting a new standard in cybersecurity. This ensures uOttawa remains resilient and robust, ready to face any cyber challenges that come our way." - Carolina de Moura, Chief Risk Officer
Next step and alignment with the Digital Campus Transformation plan
The next step is to test the plan through tabletop exercises involving key stakeholders in cybersecurity incident management. The results of these tests will inform further refinements and improvements to the plan before its implementation during spring 2024, integrating it into the processes of the stakeholders. The plan itself is not static; it will be periodically reviewed to strengthen the intervention processes and protocols of each stakeholder in the event of a cyberattack, regardless of its type, severity and impact.
This initiative aligns with the Digital Campus Transformation plan which also aims to enhance data security and improve the University's resilience against cyber threats. It contributes to the goals of Transformation 2030 by ensuring information protection and fostering a secure and innovative digital environment for the entire University.