Generating New Ideas From Across the Public Sector



Palo Alto Networks Expert Forums bring together industry professionals to share best practices, talk about security challenges and learn about our platform. We asked Kevin Magee, Palo Alto Networks Regional Sales Manager for Ontario, Public Sector, to share perspective on the success of these events in Ontario’s unique public sector community.

We recently held our third Palo Alto Networks: Ontario Public Sector Security Expert Forum where a group of highly skilled and committed professionals gathered at a quiet and secluded location in southwestern Ontario to get away from the office for a day, meet with their peers from across the Province, drill down into the deepest weeds of security technology and most importantly, share their experience, expertise and knowledge with one another.

2014-04-29 11.15.59

These community-driven events are becoming more and more important because a public sector security professional’s work can sometimes be unappreciated, overwhelming and lonely.

Balancing the need to guarantee freedom of information, privacy as well as equal and fair access to online resources and yet somehow safely enable both the user and the organization at the same time is a significant challenge. Having to do all of this with very limited resources and under the watchful eye of administrators, elected officials, the media and the public makes it even more difficult.

Add to this mix consumer-tech savvy users who are demanding more and more access to BYOD, the web and cloud applications such as SharePoint, Dropbox and Facebook to better engage with constituents, provide rich educational experiences and save tax payers money and the job of safely enabling the public sector user and organization becomes even more challenging.

For the most part, I find public sector security professionals love their jobs and the organizations they protect. They often feel personally connected to the mission of their organization and take their responsibility as public servants quite seriously and very personally.

Unfortunately, these professionals are often left to figure out on their own how to maintain a complex balance of openness and security with little time for formal training, budget for travel to conferences and opportunities to attend networking events with their peers — all of which they need to keep their skills sharp and their organizations protected.

Our Public Sector Security Expert Forums here in Ontario try to help close these gaps, just as Palo Alto Networks Expert Forums do throughout the world.

About this time last year, one of our municipal government customers was kicking off a security project. They were just starting the process of allocating budget and resources and I was meeting with them on a totally different topic when this new project came up during the discussion.

I mentioned that the university down the street had just completed work with our technology that was very similar and that they could probably offer some insights and expertise to accelerate the city’s project. It turned out that not only had the university already tackled many of the problems faced by the city but so had the local college, hydro utility and several of the hospitals in the surrounding area.

More importantly, all of these organizations were willing to help.

This got the CTO of the city thinking:  Why couldn’t these various organizations just get together and tackle these types of problems on a regular basis as a community? It’s not like public sector entities compete with one another. More than perhaps anywhere else, in the public sector it is truly in everyone’s best interest to share knowledge, improve efficiencies and lower costs to better serve constituents, students, patients and taxpayers alike.

On their own, none of these organizations had the budgets necessary for advanced training or outside consultants needed to tackle the complexities of modern security challenges but working together they believed they could accomplish much more. Adding Palo Alto Networks resources to the mix could further scale the potential for this emerging community and the local Palo Alto Networks team even committed their own personal time to help get things started.

Together we decided on an old school Homebrew Computer Club approach to building the community, which was easy to implement, inexpensive and yet could provide an incredible opportunity to scale. The format would also appeal to the hacker culture of the group, which was key to driving participation.

So last year we took a leap of faith and decided to hold our first Palo Alto Networks: Ontario Public Sector Security Expert Forum. We met in London, Ontario and had approximately 35 public sector security professionals attend our pilot event.

The agenda was simple and broken down into four parts:

First, an introduction by the host CTO outlining the purpose of the event and what he hoped it would achieve. This also included some basic recommendations for those in attendance to not only share technical knowledge but to also discuss policy concerns, unique challenges, to actively seek the assistance of one another and simply to get to know each other as individuals. Often in the public sector we work in isolation and this was one of the key obstacles that he hoped the event would begin to overcome.

Next, we completed a technical level-set for the group discussing the state of the union for next-generation firewall technology. This was a deep dive technical presentation that was jointly presented by Palo Alto Networks engineers and experienced public sector security professionals. It wasn’t your regular sales and marketing deck; it was a practical and hands-on real-world approach to the subject with a great deal of interaction, discussion, sometimes debates but most importantly knowledge sharing.

After that was a case study presented by a university security professional on how they addressed bandwidth and packet shaping concerns within the context of security at their organization. What came out of this presentation was a very insightful discussion on how best to engage with administrators and combine technical expertise with policy to meet the security needs of universities. This case study was so well received that the university security team has since helped a number of other public sector customers including municipalities and hospitals in creating policy and implementing solutions of their own.

The final portion of the day was our expert panel. This was an idea that we had in hopes of generating new ideas from very different areas of the public sector. For the panel we selected a municipal, healthcare, higher ed, K-12, and police services representative from the group. The group then asked them questions regarding how they address specific security challenges and unique policy concerns in their own organizations and what came out of it was quite interesting. In a number of cases one area the public sector was able to address a concern or solve a problem that could be replicated in other areas with only minor changes.

Since last year, we’ve held three of these events across Ontario and we are beginning to see a highly engaged and vibrant community of public sector security experts grow, with a great deal of interaction occurring between events as well.

This community-driven approach is not only a pleasure to participate in but is also very much in line with Palo Alto Networks strategy for addressing security with visibility, intelligence and sharing.

Through these forums we bring visibility to not only the threats and technical aspects of our work but also the policies, personal challenges, organizational weaknesses, and other concerns we all share.

Then we apply our collective experience and expertise to solve problems, to find solutions and get results that could not be accomplished independently. Most importantly we leverage the power of sharing. This comes in the form of information, best practices but also time, empathy and personal support, which work to strengthen and protect both individuals and the organizations, they serve.

I invite you to check out upcoming WildFire: Controlling Modern Malware in the Public Sector workshops:

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42


SUBSCRIBE TO RSS