Preserving capacity, General Tom Lawson, Chief of the Defence Staff, Keys to Canadian SAR
Issue link: http://vanguardcanada.uberflip.com/i/139409
sit rep S Collaboration required to fend off cyber threat In May, the Washington Post reported on a report from the U.S. Defense Science Board that alleged Chinese hackers had compromised the designs and technologies of dozens of U.S. defence systems, including the F-35, V-22, C-17, Global Hawk, Aegis Ballistic Missile Defense System, Warfighter Information Network-Tactical, Navy Standard Missile and Littoral Combat Ship, to name just a few. It was a poignant reminder of just how vulnerable government and industry systems are to cyber threats, despite growing awareness and greater emphasis on protection. A recent study by the International Cyber Security Protection Alliance (ICSPA) found that although 69 percent of Canadian companies surveyed had experienced some kind of cyber attack within the past year, most are not prepared to deal with online attacks. The survey of 520 Canadian firms from finance, telecommunications, utilities, aerospace and defence revealed almost 6,000 reported attacks that resulted in approximately $5.3 million in damage, an average of $15,000 per affected organization. Financial fraud accounted for 36 percent, costing companies an average of $6,438 per attack. The survey found that malware/virus attacks are the most common form of cyber crime; 18% of businesses reported cyber attacks in the form of phishing and social engineering. "Canadian companies are under attack and yet most companies do not conduct risk assessment processes from a cyber perspective. So they don't know if they're under attack because they do not even have the right tools to tell them what's happening," said Ken Taylor, ICSPA president for North America. "Ninety-four percent of the companies surveyed do not have a national or internationally recognized IT security standard in place ... [so] there's a serious disconnect here from the Canadian perspective." The study finds "multiple gaps in cyber crime preparedness among Canadian businesses, from a lack of trained personnel to a lack of strategies and procedures that could mitigate such attacks." And because many companies do not have the tools that would allow them to detect an attack, cyber attacks may be even more widespread than the numbers suggest. Interestingly, most companies were more likely to engage private organizations in relation to cyber attacks, not the RCMP or other government agencies. However, a majority said that Public Safety Canada and the RCMP need to play a more active role in providing awareness, education and support to businesses and individuals to combat the threat of cyber crime. Talyor is hoping business sectors will see this as an opportunity to collaborate. "We have to be willing to share our experiences and what's happening to our businesses in order for us to collaboratively approach this definition phase, because we have to define the cyber lexicon. We have to stand up and say 'this is acceptable online behaviour. . . and this is not'." ICSPA is holding talks with partners such as Lockheed Martin Canada and McAfee, along with organizations like the Canadian Chamber of Commerce and the Canadian Council of Chief Executives, to introduce workshops that will help raise awareness about cyber crime. — Anan Rahman Be prepared! Practice to improve skills. RUAG Schweiz AG | RUAG Defence Allmendstrasse 86 | 3602 Thun | Switzerland | Phone +41 33 228 22 65 marketing.defence@ruag.com | www.ruag.com www.vanguardcanada.com JUNE/JULY 2013 7