Introduction

We propose a presentation by two cyber analysts who have recently embarked on creating a cybersecurity practice within an organization that has never previously had a security division. This presentation aims to share our journey, including the lessons we have learned, successes we have achieved, and interesting setbacks we have encountered. We would like to share our stories that illustrate our experiences that we think will benefit the rest of the post-secondary community, especially those looking to start their own security practices.

The presentation will span approximately 30 to 60 minutes to provide a comprehensive overview while allowing room for questions and discussions.

Presentation Outline:

Welcome and Introduction (5 minutes)

  • Introduction of the presenters

The Need for a Cybersecurity Practice (5 minutes)

  • Importance of having a dedicated cybersecurity practice
  • Challenges faced by organizations without an official cybersecurity practice
  • Challenges when starting that practice/transition

Starting the Cybersecurity Practice (10 minutes)

  • Initial steps and planning
  • Establishing goals and objectives

Lessons Learned (10 minutes)

  • Key takeaways from the initial phase
  • Lessons from unexpected challenges
  • Strategies that worked and those that didn’t

Stories and Anecdotes (10 minutes)

  • Engaging and informative stories from our journey
    • Scoping out roles
    • Developing IR plan
    • Developing Risk Management framework
    • Developing the building blocks of a cyber-aware culture
    • How it feels moving from service desk to the “cyber desk”
  • Examples of real-world incidents and responses and how that changed with having dedicated cyber staff
  • Lessons from those stories
  • Sharing great experiences with BCNET services and team, especially regarding incident response

Interactive Q&A Session (5 minutes)

  • Open floor for questions from the audience

This presentation aims to provide valuable insights into the creation and development of a cybersecurity practice within an organization from the perspective of two analysts involved in the early stages of that practice and highlight some of the benefits that working with BCNET has brought us.

Hawkeye

Hawkeye Fyvie

Cybersecurity Analyst, College of New Caledonia

Hawkeye Fyvie is a Cybersecurity Analyst for the College of New Caledonia, who, through a diverse journey, is now eager to share his experience of breaking into this exciting field. With guidance from his coach Dominic Vogel, 3+ years of combined educational and work experience, and a dash of roadblocks, Hawkeye now plays a pivotal operational role in building a cybersecurity program from the ground up. This has allowed him to grow a passion for his field and has given him the skills necessary to ensure the safety of people, processes, and technology within the organization.

Summit Speaker

Liam Skelton

Cybersecurity Analyst, College of New Caledonia

Liam Skelton is a dedicated Cyber Security Analyst at the College of New Caledonia located in Prince George, BC, with four years of IT experience and over one and half years specializing in cybersecurity. Liam has played a critical role in implementing a cyber strategy, policies, standards, and basic cyber processes. His passion for cybersecurity and commitment to continuous learning drive his professional journey, ensuring robust protection and solutions for the college's cybersecurity program.

Technology Track