How we can work together to stay cyber safe
October 29, 2019
We all have a responsibility to take cyber security seriously – for ourselves but, even more importantly, for others.
But here’s the thing: Cyber security is too hard for each of us to handle in isolation. We need to find ways to work together, both inside and outside government, so that we can help to keep Canada cyber secure.
Here’s how civil society, industry and academia can collaborate with government to become more cyber secure.
How civil society can be more cyber safe
A good place to start on working together to make Canada more cyber secure? Sharing information.
That’s why taking advantage of the resources the Government of Canada has available is a great way to get cyber secure.
We have a number of publications available to the public, ranging from our cyber journals to our Get Cyber Safe Gift Guide that give general cyber security advice to Canadians that are straightforward enough for non-security professions to follow on popular cyber security topics.
That’s why, if you’re an ordinary member of the public looking to get informed, Get Cyber Safe should be your go-to resource.
How industry can be more cyber safe
The support available from the government isn’t just for regular Canadians. There are also a lot of resources available to the private sector as well.
- Working with their new Cyber Security group and reviewing their Draft Vehicle Cyber Security Guidance.
- We have participated in two vehicle working groups that have involved parties from the automobile manufacturers, academia, multiple Canadian municipalities, technology companies developing connected and autonomous vehicle technologies.
- Providing advice and guidance on the cryptographic mechanisms and security engineering concerns used in emerging standards for Security Credential Management Systems used in connected automotive vehicles and Electronic Logging Devices for the transportation sector.
It's not just the transportation sector either.
One of the means they employ is to distribute grants to parties in Canada (various levels of government, academia, community groups, etc.). While looking at two of these programs, the Smart Cities Challenge and the Power Forward Challenge, IC wanted to make sure that Cyber Security was a factor in the selection process for the winning projects, so they engaged with the CCCS to have us produce webinars and present them to the candidates as well as engage in the evaluation of the projects.
How academia can be more cyber safe*
The Communications Security Establishment (CSE) is one of the Government of Canada’s key security and intelligence organizations. As part of its mandate to protect the government’s electronic information and communications networks, CSE explores new and innovative solutions to combat new cyberattack methods by researching cybersecurity data.
However, when CSE recently embarked on a new research initiative to find updated test data, it saw serious limitations in current datasets.
“We found there wasn’t a lot of great data out there,” says Mike Davie, a cybersecurity engineer at CSE. “Much of it was sensitive and not suitable for public research, and it was outdated, so it didn’t take into account modern attack methods.”
To address these issues, CSE reached out to the Canadian Institute for Cybersecurity at the University of New Brunswick (UNB), which had recently conducted promising cybersecurity research around modern attack methods, including brute force, botnet, and denial of service. Both CSE and UNB, though, lacked the computer capacity to simulate cyberattacks on a large scale.
“We needed hundreds of virtual machines and computers to simulate a medium-sized enterprise being attacked, but neither organization had that capacity internally,” Davie says. “We also wanted to do this research cost-effectively, which meant avoiding the procurement of a bunch of servers for a two-week project.”
Cyber defence is a team sport – we can’t do it alone. By working together, we can all do our part to make Canada more cyber secure, while helping ourselves out in the process.
There are no comments at this time
- Date modified: