Preserving capacity, General Tom Lawson, Chief of the Defence Staff, Keys to Canadian SAR
Issue link: http://vanguardcanada.uberflip.com/i/1384391
www.vanguardcanada.com JUNE/JULY 2021 33 But as we see new business models interact with new technologies, we're also seeing the introduction of new cyber risks. Traditional approaches to cyber just can't keep up with the pace and scale of digitization. And they're slowing down business strategies and impacting both the top and bottom lines. So, it's really not surprising that nearly all respondents (97 per cent in Canada and 96 per cent global- ly) say their industry's cybersecurity strate- gies will shift as a result of COVID-19. Which of the following changes are most likely to be impacts of the COVID-19 experience on cybersecurity in your industry? The key takeaways for the defence and security industries • Reset your cyber strategy to adapt to the new business reality and make high- speed digital change safer. • Consider the various partners in your business ecosystem (e.g. vendors, re- search institutes, manufacturers, gov- ernment organizations) that could be targeted as part of a supply chain attack. • If you provide defence and security- related products and services, take a proactive approach to building a robust cybersecurity program that will meet the increased cyber expectations of your cus- tomers. 2. Rethink your cyber budget When looking to the future, two-thirds of respondents, both in Canada and glob- ally, expect their funding and/or revenues to decline in the next year due to COV- ID-19. But encouragingly, 56 per cent of Canadian respondents (55 per cent glob- ally) expect to increase their cyber budgets in that same period. This shows us many executives understand the importance of cyber in enabling both digitization and automation. But across the board, very few Canadian executives are really confident their cy- ber budgets are being assigned and spent correctly. Only 34 per cent of Canadian respondents (compared to 44 per cent globally) are definitive their cyber budget is being allocated to the most significant risks. And while a fifth of both Canadian and global respondents say their organiza- tion is already seeing the benefits of better quantifying cyber risks, fewer than half say their organization has actually implement- ed it at scale. As organizations digitize, getting the most value out of every cyber dollar spent will become even more critical, not just because of our current economic climate, but also because every new digital process and asset can become a new vulnerability for cyber attack. The key takeaways for the defence and security industries • Rethink your cyber budgeting process so you can clearly show how cyber spend links to risk and business priorities. • Link your cyber budget to overall digiti- zation and automation budgets. • Quantify cyber risks so you can put a dollar amount on the impact of each cyber project and better prioritize cyber spend. 3. Level the playing field with attackers Leading defence and security organiza- tions are exploring increased adoption of cloud, intelligent automation and Internet of Things (IoT) systems. This requires a rethink of cyber defences, as these systems can't be protected with traditional IT se- curity methods. An understanding of big data and IoT is key to the military application of technol- ogy. According to the survey, the top three cybersecurity approaches that Canadian organizations, have implemented and are currently realizing the most benefits from are security orchestration and automation (19 per cent), modern identity and access management (17 per cent) and integrated cloud and network security (17 per cent). The key takeaways for the defence and security industries • Explore innovative ways to secure your cloud by fully leveraging built-in cloud capabilities, such as security automation, integration, monitoring and analytics. You'll be able to reduce governance costs, proactively address emerging threats and achieve continuous compli- ance. • Reimagine your approach for securing industrial and IoT systems, where tradi- tional IT security methods won't work. • Take a holistic approach to data trust, integrating your data protection and data governance practices to inspire con- fidence in the use of your classified data as it becomes more distributed. CYBER