Fighting cybercrime through collaboration

As published by Trevor Neiman on LinkedIn.

Over the past few months, criminal gangs attacked an array of prominent businesses. The victims included the world’s largest meat processor, a pipeline operator responsible for delivering half the U.S. East Coast’s fuel supply, and a major commercial insurer. No employees were injured, no safes were cracked, no car chases ensued. Instead, with a few clicks of a mouse, the attackers compromised the organizations’ digital systems to pillage sensitive data and extort millions in ransom payments.

Canada is not immune from such attacks. According to Statistics Canada, two out of every five businesses in this country experienced a cyberattack within the last two years. The impact on owners, employees, and investors is staggering. IBM estimates that the average cost of a data breach in 2021 reached $6.75 million.

However, cybercrime doesn’t just threaten the viability of businesses. Many attacks also disrupt the services that we rely upon daily. This year’s assault on health care facilities provides a timely example. At the height of the pandemic, facilities across the country were overwhelmed by a series of attacks, disrupting medical services and putting patients’ safety at risk.

The unfortunate reality is that the economics of cyberspace currently favours the attacker. The culprits have clear advantages, including easy access to digital exploits, a high degree of stealth, and a low likelihood of being caught. This means that individuals armed with a computer and a few lines of code can quickly and cheaply unleash a remote attack. Once the damage is done, the perpetrators can conceal traces of their activities and slip away with impunity.

To be sure, Canada has made progress in building a stronger, more cyber-resilient society. For example, the creation of the Canadian Centre for Cyber Security in 2018 has improved the federal government’s readiness to respond to cyber threats. For their part, businesses have made cybersecurity a top priority. Statistics Canada estimates that companies invested $14 billion in 2017 alone to improve their ability to detect, prevent, and recover from cyber incidents.

Unfortunately, cyberspace is becoming increasingly complex, to the point where it’s no longer possible for any one organization to marshal the resources needed to keep pace with cybercriminals. As a result, closer and more meaningful collaboration both within and between government and business will be needed.

Three areas which could immediately benefit from greater collaboration are public awareness, capacity building, and threat sharing:

 1.     Building public awareness: The unfolding cyber crisis is perceived by too many Canadians as being a world away. Only when there are highly visible attacks do we pay much attention. But even then, the lessons tend to be quickly forgotten. It’s like witnessing a bad car wreck. You slow down for a few days, then speed like before.

This must change. Cybercrime is not abstract, nor does it exist in a vacuum. It has real-world implications for Canadians’ privacy, financial security, and even personal safety.

Government and business must therefore do a better job of explaining the costs and impact of cyberattacks to the public. Only then will people take security measures seriously.

 2.     Strengthening Canada’s cyber capacity: We need to tackle Canada’s growing cyber skills shortage to ensure businesses have the capacity to defend against attacks.

More than three-quarters of Canadian companies in a recent Fortinet survey said they were struggling to recruit, hire, and retain cyber talent. Of these same companies, nearly 90 per cent said shortages of skilled professionals were creating additional cyber risks for their organizations.

Here again there is need for closer collaboration between government and business. Palette Skills’ Accelerated Cybersecurity Training Program is an excellent example of the kinds of public-private partnerships that are needed to build the next generation of cyber talent. Designed by industry experts, the eight-week program helps recent graduates quickly transition into high-demand cyber roles.

 3.     Encouraging more threat sharing amongst organizations: Threat sharing enables organizations to leverage the collective knowledge and expertise of their networks to improve their situational awareness, strengthen their security posture, and defend with greater agility.

For larger companies, it’s a way to enhance the resiliency of their suppliers and customers, while promoting trust and goodwill across their industry. For smaller businesses, it’s a way to benefit from the resources of larger, more sophisticated companies.

Two things can be done to encourage more threat sharing:

•  Government can eliminate legal obstacles to sharing by creating safe harbours for firms sharing in good faith, and
•  Business and government can create incentives – like reduced insurance premiums – for firms that actively participate in trusted collaboration networks, such as the Canadian Cyber Threat Exchange.

Working together, government and business have made progress towards building a safer, more secure Canada. However, much more can be done to protect Canadians. We can start by working more collaboratively to understand the threat, shore up our defenses, and let one organization’s detection become another’s prevention.