Member Perspectives March 15, 2024

Sharing intelligence: the smartest way to protect Canadians against rapid rise in cybercrime

Sasha Krstic – President, Mastercard Canada

Canada’s Place in the World Corporate and public governance Digital Economy and Cybersecurity Industry and innovation

Canadian businesses have long enjoyed a relatively stable geopolitical environment, but the world is changing. A significant rise in geopolitical tensions and conflict have created a tremendous amount of uncertainty and led to a sharp increase in cyber attacks.

This is happening right here in Canada. In recent years, we’ve seen cyberattacks against critical public institutions like the healthcare system or social services and government websites. Just as concerning is a rise in cyber attacks on private corporations that are key to the food and energy security of Canadians.

These attacks are becoming far more sophisticated as well. Cybercriminals are increasingly using AI to sharpen their approach, and they’re becoming much more effective. Since the beginning of the pandemic, it’s estimated cybercrime has increased by 600 per cent with an economic cost of six-trillion dollars. The sheer magnitude of this problem is staggering.

March is fraud prevention month in Canada, a public awareness campaign that began twenty years ago. As Canadians raise our awareness and redouble our efforts in the fight against fraud, these examples make it clear that we must not only focus on what we as individuals can do to protect ourselves, we need to take a much wider view on how to protect Canada’s economy as a whole.

That isn’t to say governments and large corporations aren’t already doing this work. The Canadian government has developed a robust national cyber security strategy, which has helped fund critical research and improved cyber security programs for Canadians.

The private sector has invested heavily in cyber security as well. At Mastercard, we fundamentally believe security needs to be baked into the foundation of every digital product and service we provide. Just as cybercriminals are using AI to improve their attacks against Canadians, we are using it to firm up our defenses.

For example, our recently announced Decision Intelligence Pro solution leverages generative AI techniques and will be able to scan one trillion data points to predict whether a transaction is likely to be genuine or not. Initial modelling shows AI enhancements boost our fraud detection rates on average by 20%.

Collaborating to support Canadian innovation is also critical to protecting our firewalls across Canada currently and for future generations. Through our Global Innovation and Cyber Centre of Excellence in Vancouver, we’re partnering with groups across the cyber security ecosystem, from post secondary institutions like the University of New Brunswick, University of Waterloo, and British Columbia Institute of Technology to non-profits such as Actua, and MaRS to drive research and innovation in areas like AI and cyber security.

The next big step we need to take in Canada is greater cooperation between governments and business. The governments of the United States, Australia, and the United Kingdom all share critical security information with the private sector. In fact, the FBI has an office dedicated to this critical task. Canadian businesses don’t have access to the same level of information as their British, Australian, and American peers, which leaves a considerable gap in Canada’s defenses, and it needs to be closed.

Government-produced threat intelligence is increasingly important for businesses to be able to protect our customers, employees, and communities. If we’re going to stay one step ahead of nefarious actors, we need to know what they’re planning with relevant, timely, and actionable information.

This is an issue that has been front of mind for the Business Council of Canada. I’m a proud member of the organization and have the honour to co-chair its National Security Working Group. Following extensive advocacy work with the federal government, consultations were launched this past November into granting new information sharing authorities to CSIS. This was an encouraging step in the right direction. The consultation window is now closed, and we are awaiting a final decision. I join my colleague Goldy Hyder from the Business Council of Canada in urging the federal government to move quickly to grant CSIS the same powers that the security agencies in the United States, Australia, and the United Kingdom already have.

The digital economy will continue to grow, and with it threats from cybercriminals and unfriendly state actors. We can no longer operate in silos. By working together, we can build a secure and inclusive digital future that everyone in Canada can trust.