Passion. Experience. Excellence.
"To enable the deployment of proven, yet practical Enterprise Security Management tools, methodologies and techniques combining robust management know-how with unparalleled security expertise and executive skills."
The Institute is comprised of a wide array of security leaders, experts, academia and practitioners who are in constant search of excellence in the fields of security, safety, cyber-defense, business continuity, emergency management and crisis management. Partners and leaders of the Institute have united their efforts to professionalize the security community of the 21st Century through the SECOPS Program. The result is a roadmap to help you respond and recover from events and incidents that could derail the course of any business. This community understands that the security imperatives of government and private businesses need to be communicated in business terms. Security managers will increasingly need to work hand-in-hand with organizational leaders to protect the lives, property, information and business processes of the organizations that comprise Canada’s government and private sector critical infrastructures.
Developing Tomorrow's Security Leaders Today
Private and government organizations worldwide are under growing attacks by a wide array of increasingly-sophisticated threat agents who seek to derail, embarrass, paralyze or shut down business operations by targeting people, information, assets and the continuity of business operations.
As security leaders, your most important role is the protection of people under your watch, and the continued viability of your business operations. When attacks occur leaders are judged by how well their organization is prepared to deal with a crisis.
Readiness starts with knowledge and an understanding of the framework required to build reliable plans to mitigate impact to your organization. The SECOPS Institute provides this framework, and trains its students to leverage practical learning to develop robust enterprise security plans aimed at protecting organizations against all relevant threats.
PRESIDENT AND DIRECTOR OF THE SECOPS PROGRAM
Jean-Philippe is the Chief Postal Inspector of the Canada Post Corporation and a graduate of the Royal Military College of Canada with a Bachelor of Engineering and Management degree, and a Master's degree in Public Management from École nationale d’administration publique (ENAP). As an officer with the Royal 22e Régiment, he served in operations in Canada and abroad; he taught at the Infantry School; and held staff positions at the 1st Canadian Division and at National Defense Headquarters in Ottawa.
Following his retirement from the Canadian Armed Forces in 2001, he joined the private sector and led a management consulting division, specializing in the management of enterprise-wide harmonization programs and initiatives; and served as Executive Director of Security Operations at the Privy Council Office. His accumulated knowledge and experience in the public and private sectors also enabled him to teach at the postgraduate level in various fields such as strategic management, crisis management, diagnosis and organizational design, dashboard and leadership skills. In recent years, he developed an Integrated Business Management Framework that enables senior executives to undertake and lead transformational initiatives.
During his career, Jean-Philippe also acted as a School Board Trustee; coached various sports and presided over a sports association in the National Capital Region; and is currently serving on a Board of Directors for a Knowledge Institute in the health sector.
Jean-Francois "JF" Sauriol
Jean-François Sauriol has been involved in the in the information security field for over 30 years. As the CSA at SecurityJF Inc., JF leads a flourishing Professional Services Security Practice with clients from both the public and private sectors. JF specialises, among other topics, in Cyber-security, organisational policies and standards, risk management and developing and providing training programs on multiple aspects of information security.
JF is an (ISC)2 accredited training trainer and has directed the curriculum for the Armed Forces Communications and Electronics Association (AFCEA) ITSec course for almost 20 years ensuring its evolution following the myriad of developments in organisational security and cyber-security. He has also offered a complete suite of security courses for the Communications Security Establishment (CSE) for members of the Canadian government.
JF has created a whole series of Cyber-security and anti-bullying workshops for French and English schools (3rd to 12th grades & University) since 2006. He has been invited to lead over 300 such workshops by French and English school boards and community associations in Ontario and Québec to engage students, parents and teachers on cyber-security and the prevention of cyber-bullying. He has also been invited at educational conferences to address cyber-bullying, its root causes and winning combat strategies.
M. Sauriol is also the Vice President of the Special Education Advisory Committee (SEAC) of Le Conseil des écoles catholique du centre-Est (CECCE) in the Ottawa area.
M. Sauriol is also the CISO for Notarius Inc. in Montréal offering corporate solutions for the long term reliability of identities and documents based on an accredited Public Key Infrastructure (PKI).
From left to right, starting in the rear: Ron Reddick; Maxime Courchesne; Daniel Pelletier; Jean-François Sauriol; Rennie Marcoux; Jean-Philippe Caron
Front row: Dr. Mark Raizenne; Anick Lozier; Muriel Earle; Lyne Jutras; Brian Deeks
Missing: Isabelle Veilleux; Ann Seguin-Huska; Caroline Kekanovitch; Dr. Christian Leuprecht
Our 30-day advanced Chief Security Officer training program is broken into 6 learning modules of 4 days each taking place from Friday to Monday in our training facility. Following the last module, we have prepared a comprehensive group exercise offering a chance for all students to integrate and apply their new skills during role playing scenarios as CSO or Deputy CSO, in response to various security incidents, emergencies and crisis.
Provides students with basic security management principles and the knowledge to develop policy and procedural framework necessary to comply with relevant criminal, administrative, civil laws and regulations, to minimize exposure and adverse effect. Students will have the skills necessary to design and support a safe and secure work environment.
Enables students to develop and manage a Security Management system that protects employees, preserves assets and information, and ensures organizational resilience. Students will develop executive skills to lead the security function of the enterprise with the required level of efficacy.
Students will learn to control outcomes by identifying threats, risks and vulnerabilities, and understand and prioritize their significance to the organization. They will develop the ability to recognize suspicious behavior, and build cultures which empower people and organizations to bring forward concerns the moment they are identified.
Students will learn to develop and maintain an Identity and Access Management framework; from personnel screening, to implementation of defense layers and safeguards, to the continual evaluation of policies procedures and programs to ensure the right people access the right information and assets at the right time for the right reasons.
Provides students with the knowledge to build and manage investigative programs for their organizations, including; oversight of investigations, collection and preservation of evidence and the production of reports to enable the organization to root-out causes of impacts and make informed decisions.
Students will learn how to respond to critical incidents which threaten an organization's people, assets and information. This module will enable them to build plans to mitigate impact, expedite recovery and reduce the time it takes to resume normal activities.
- Instill a willingness to learn and apply new knowledge and skills for lifelong learning in the security domain.
- Create accountability for your own professional development through new relationships.
- Be prepared to apply learnt new knowledge and skills so you can assume responsibility for the management of departmental and corporate security with confidence.
- Familiarize yourself with the intended deliverables of the SECOPS Program, its expected Learning Objectives, the roles of the Partners, and the emerging opportunities.
- Get to know the Instructors and Staff and the value they will bring to the Program.
MODULE 1: MANAGE
- Develop and manage a Security Management System that protects employees, preserves assets and information, and ensures organizational resilience and business continuity.
- Understand the fundamental components of a Security Management System and continually develop innovative approaches to optimize the use of scarce resources and emerging technologies.
- Seek out new tools and methodologies that can assist in streamlining security and improve the overall efficiency of the security function.
- Further develop the executive skills needed to lead the security function of the enterprise.
- Learn how to plan, organize, direct and control the Enterprise Security Program, and be ready to explain it with clarity and confidence.
- Be able to design a Security Awareness, Training, Education and Exercise Program that will align with the business imperatives of the organization.
MODULE 2: COMPLY
- Understand the professional ethics expected of a Chief Security Officer.
- Apply the basic security management principles and values necessary to ensure the security of the enterprise.
- Comprehend and maintain the policy and procedural framework necessary to comply with relevant criminal/administrative/civil laws and regulations to minimize organizational exposures and adverse impacts.
- Re-frame complex security issues using a solid security management and regulatory framework that will help you identify innovative and creative solutions.
- Design and support the creation of a safe and secure work environment that will promote a high-quality workplace.
MODULE 3: CONTROL
- Protect physical and digital information from unauthorized access, use, disclosure, modification, perusal, recording or destruction.
- Detect and deter malicious cyber-attacks from crippling your critical functions and infrastructures.
- Recognize suspicious behavioral patterns and intimidation techniques with a view to design a positive work environment where personnel can contribute to the minimization of compromise or incidents.
- Awareness of fraud and what can be done to combat it.
- Understand why people commit fraud, and how to improve the measures to detect and disrupt fraudulent activities before they occur.
- Develop a Victim Assistance Program (Aid to the Victims) as a result of a security incident.
MODULE 4: INDENTIFY
- Develop, implement and manage a personnel security screening program.
- Design the background checks and investigative approaches (including resolution of doubt) required to establish the identity of all employees, with a view to maintaining their physical and digital access, and to validate their reliability, integrity and/or loyalty for hiring, promotion and retention.
- Implement enabling security safeguards to ensure that the right individuals (given specific persona and context) access the right resources at the right times and for the right reasons.
- Evaluate the enterprise-wide policies, procedures, programs and methods to protect employees from violence in the workplace, including harassment, bullying, intimidation, suspicious behaviour and threats.
- Develop security measures and defensive layers to deny unauthorized access to facilities, equipment, systems and resources, and to protect employees and property from damage or harm.
MODULE 5: INVESTIGATE
- Develop and manage the Investigation Program aimed at identified security incidents.
- Oversee specialized investigations (including bait techniques and integrity testing) and interviews.
- Collect and preserve evidence to support post-investigation disciplinary and administrative action(s), criminal or civil proceedings, arbitration and/or other HR processes.
- Produce investigative reports that enable the enterprise to make informed decisions.
MODULE 6: RESPOND
- Be prepared to deal with critical incidents or events that threaten to harm the organization, its people, assets and information, or the continuity of its operations.
- Plan how the organization will respond and recover from a critical incident or event.
- Develop a Business Continuity and Resumption Plan.
- Identify the elements of a Contingency Planning process that evolves with the dynamics of the organization’s operations.
- Enable the resumption of activities.
COMPREHENSIVE SIMULATION EXERCISE:
- Lead the Security function as a Chief Security Officer or Deputy Chief Security Officer.
- Learn to communicate clearly and confidently as the Lead Security Official.
- Integrate and synthesize information from multiple written sources.
- Learn to share thoughts, ideas and information in a logical, organized, efficient, and more importantly, coherent manner.
- Apply lessons learned and readily implement the corrective, preventive and priority actions to improve the overall efficacy of the Security Management System.
“Leaders are judged by how well the organization is prepared to respond to a crisis.”
— JP CARON, SECOPS INSTITUTE PRESIDENT & DIRECTOR OF THE SECOPS PROGRAM