Date: 2023-09-29
Organizations traditionally keep their trade secrets under lock and key. But there’s a growing movement to share information on one critical front: cybersecurity.
“Historically, companies viewed it as a reputational risk to indicate they have been attacked, so they kept everything close to the vest,” says Ken Barker, a computer science professor at University of Calgary. “They would go through the process of cleaning up and recovering from [the incident] but they didn’t have any desire to share information with their competitors to prevent them from getting attacked. That’s changed in the last 10 years. Companies are beginning to say, ‘We’re all under attack here, so it’s in our best interest to notify the community as soon as we detect [a cyber threat].’”
As awareness about the need to share information grows, consortiums and other groups are coming together to help organizations defend against sophisticated and costly cyberattacks. Not only does collaboration allow organizations to stay on top of today’s threats, but it can also help strengthen their defences against future attacks.
One such group is the Canadian Cyber Threat Exchange (CCTX), a cyber threat collaboration forum and central source of cyber threat intelligence. The CCTX Collaboration Centre lets cybersecurity professionals share information on the latest threats and how to defend against them, as well as exchange best practices, techniques and insights.
“What we’re trying to do is build up the resilience of companies,” says Robert Gordon, strategic advisor at CCTX. “We know there is a very high probability companies are going to get hit by a cyberattack and they want to prevent it. But equally important is when that incident occurs, how do you get back into business as fast as you can? That’s resilience.”
As for giving away trade secrets, Gordon says there’s growing awareness that cybersecurity is not a competitive issue. “That’s not to say there’s no competition,” he says. “But each company is going to compete on the goods and services they provide, not on their knowledge of the cyber threat environment.”
At CCTX, Gordon says collaboration takes a variety of forms, from a company asking if anyone has experience with a new cybersecurity solution they’re implementing to someone asking for help developing guidance for employees.
This is especially helpful for small- and medium-sized businesses. “Quite frankly, they don’t have the resources, either in terms of people or dollars, to [build resilience] on their own,” says Gordon. “So, if they can benefit from the abilities and experience of others, it puts them ahead of the game and they can start to build cyber resilience.”
Another critical piece of collaboration is engaging people across the organization to identify third-party vulnerabilities, as vendors and suppliers may also pose cybersecurity risks.
“Cybersecurity is now becoming a ‘whole of business’ discussion – this is no longer just the responsibility of an IT department,” says Gordon. “IT departments have to engage with the rest of the business to say, ‘What things outside our organization would impair our ability to operate if they got hit by a cyberattack?’”
Academia-industry collaboration also helps move cybersecurity forward. The National Cybersecurity Consortium (NCC), where Barker serves as scientific director, was founded in 2020 by five Canadian universities (University of Calgary, Toronto Metropolitan University, Concordia University, University of New Brunswick and University of Waterloo). A federally incorporated, not-for-profit organization, the NCC is devoted to research and educational activities in all aspects of cybersecurity, and fosters collaboration among academia, industry and government.
Barker is also director of the Institute for Security, Privacy, and Information Assurance (ISPIA), a research centre that draws on specialized experience from across the University of Calgary to address cybersecurity and privacy issues through a practical, multidisciplinary approach. “The institute allows faculty members to come together under a single umbrella… so that we can have a bigger impact than just working in our own individual labs,” says Barker.
Beyond academia, peer-to-peer sharing among those who hold the keys to data – chief information officers (CIOs) – can have a big impact. The Inspire Leadership Network is a peer leadership network of CIOs from public and private businesses, government, education, health care and non-profit institutions. Throughout the year, member-led programs provide opportunities for CIOs to develop and strengthen relationships, grow their network and sharpen their leadership acumen.
Sharing information about cyberattacks might soon become mandatory. A new cybersecurity bill, Bill C-26, will require reporting of cyberattacks against systems that are vital to Canada’s national security or public safety, including banks, telecoms, transportation services and others.
CCTX’s Gordon says that, while there are positive aspects of the bill, it only applies to a relatively small number of critical infrastructure companies. And again, “sharing cyber threat information is far more than just the reporting of incidents,” he says. “When you report a cyber incident, it doesn’t solve the problem. All it’s done is identified the problem. So [we] want to share, collaborate and be in front of it.”
