New Cyber Incident Management Program for Ontario Municipalities
By Shannon Devane
LAS, Program Manager
Municipal Risk Management
On April 3, 2023, LAS was pleased to announce a new program designed to help municipalities manage cyber incidents in today’s ever changing IT environment. The Cyber Incident Management for Ontario Municipalities Program – CIMOM was a concept created by LAS staff and a group of municipal risk managers from across the Province in response to challenges procuring cyber insurance for municipal risk.
After a competitive RFP process, LAS is partnering with ISA Cybersecurity. ISA’s mission is to help customers achieve their privacy and security goals, and to be proactive in the fight against security threats. ISA is a proudly Canadian company with nearly three decades of experience delivering cyber security services.
This program has been designed for municipalities regardless of their cyber insurance status and for a variety of budgets. It is flexible enough that it can assist in a variety of incident response related work as well through group procurement of hours. The core of the program is access to quick, effective, and orderly response to cyber security incidents which will completely assess, identify, contain, eradicate and provide lessons learned. The ISA methodology includes preparation activities such as a discovery session aimed at gathering relevant information about the networking and security environment ahead of a security incident. That way, the team is well prepared with necessary information in advance of a security incident and can quickly begin the identification stage of the incident response lifecycle.
The core program has three levels available. Municipalities can choose the number of hours they require based on their existing resources. Level 1 provides 20 hours, Level 2 provides 50 hours and Level 3 provides 80 hours. These retainer hours are intended to be held over a 12-month period. If an incident does not occur within that time frame, and upon renewal of the retainer, municipalities can use the hours in the first six months of the next year for a variety of cyber security and incident response work.
This leads into the second component of the program - additional services that would be of interest to the municipal CAO and IT professionals to help harden IT infrastructure. Given the importance of this work, and recognizing current needs, the program also allows for up to 60% of the retained hours to be used on additional services in the first year. Municipalities can choose to have their current incident response plans reviewed or to test their existing plans, among other options.
To learn more about this program, please contact Shannon Devane at firstname.lastname@example.org.