Preserving capacity, General Tom Lawson, Chief of the Defence Staff, Keys to Canadian SAR
Issue link: http://vanguardcanada.uberflip.com/i/716217
T THe LAST WORD The upcoming Defence Policy Review is an excellent opportunity for Canada to address cybersecurity gaps that pose serious risks to our country's military and government computer networks and infrastructure. While the incidence of state-backed cyberattacks on national and commercial computer systems of our allies has increased in re- cent years, it is frightening to realize that Canada's cyber defences appear to have been largely neglected, according to two former high-ranking officials of the Canadian Security Intelligence Ser- vices (CSIS) who spoke with Vanguard recently. Duct tape approach "I don't see Canada spending enough on cyber defenceā¦it's still a hodge-podge, duct tape approach. There's a definite need for a cyber-strategy review," says Ray Boisvert, who built a 30-year career in both operational and executive roles with CSIS before retiring as its assistant director if intelligence in 2012. Since then, Boisvert has become the president and CEO of security firm I-Sec Integrated Strategies and more recently senior associate at Hill and Knowlton Strategies Canada. "The country's cyber defence budget is very, very small com- pared to that of conventional warfare," he laments. Boisvert also says there's a glaring lack of strategy and clarity of who is responsible for what when it comes to preventing and deal- ing with cyberattacks leading to the impressions that Canada has been "a little complacent" and adopting a "stand by and watch other" posture on cyber. There has never been a time in history as today, possession of information is so critical to the defence and survival of a nation and yet Canada's ability to gather and analyze data which could help identify potential cyber threats remain in the "rudimentary stages" at best, warns Boisvert. "Right now, one gap is that many agencies still rely on fairly traditional resources (for gathering data)." This is something that Sheldon Shaw agrees with. Shaw is cur- rently a public safety and defence specialist with software company SAS Canada. Before that, Shaw held an executive position at the Communications Security Establishment of Canada and was also formerly an assistant director for intelligence at CSIS where he specialized in computer and weapons of mass destructions issues. "I think there is a technological gap and lack of awareness, not necessarily lack of understanding," he says. cyberattacks not on the table back in 2010 Beyond "keeping the lights on", the defence establishment needs a strategic re-think and a realization of what are the tools it needs to address cyber threats it will face for 2020 and beyond, he adds. In his recent essay on cybersecurity for the Canadian Global Af- fairs Institute, Major-General John Adams (Ret'd) traces Canada's cybersecurity gaps to the fact that "cyberattacks were not on the table" when the existing cyber strategy was being mapped out. "The government of Canada has responded to cyber exploi- tations with its Cyber Security Strategy. Published in 2010, the strategy is noteworthy for the fact that it limits itself to strength- ening the government's capability to detect, deter and defend against cyberattacks while deploying cyber technology to advance Canada's economic and national security interests," he wrote. "It did not militarize cyber security, it was limited to specifying that the Canadian Armed Forces were to strengthen their capacity to defend their own networks, work with other government depart- ments to identify threats to their networks and possible responses, and continue to exchange information about cyber best practices with allied militaries." Adams also noted that a more aggressive approach "would have been ill-advised in 2010" because the concept of cyber war had not yet sufficiently matured: However, he says, a lot has changed since 2010 and cyberspace has "become the centre of gravity for the globalize world" em- bracing economic, financial, diplomatic and military operations. Today, he says, cyber war means disrupting or destroying informa- tion and communications systems in order to threaten a state's sov- ereignty as well as gathering as much information about an adversary while keeping that adversary oblivious to the data gathering. This appears to have been the case with recent controversy over the hacking by threat actors believed to be based in Russia of the Democratic National Convention computer systems in the U.S., according to Boisvert. "They (hackers) were in the network for years and the investiga- tors couldn't find a trace of the APT (advanced persistent threat)," he says. He says the latest trends in cybersecurity indicate that tra- ditional cybersecurity tools such as firewalls are no longer enough. Analytics This is where automation and advanced data analytics can help boost cybersecurity capabilities, according to Shaw. "Analytics has been around for so long, but has not yet been extensively applied to security," he says. "Now we have the data analytics tools that can help defence agencies crunch through the tons of data coming from various sources." For example, predictive modeling uses analyses of behavior pat- terns to develop predictive assessments that are critical for proac- tive defence. Social network analysis allows agencies to uncover hidden relationships and link known entities through a network that can then be analyzed and exposed. Rules-based algorithms alert officials if employees attempt to access files above their clearance levels, while anomaly detection systems flag peculiar employee actions such as downloading un- usually large amounts of data, working abnormal hours, and ac- cessing areas of the building that are irrelevant for their jobs. Should Canada adopt a defensive or offensive cybersecurity pos- ture? Shaw says cybersecurity encompasses, protecting, defending and attacking. "We should start adding attack to our language." Where can Canada turn to for effective models to follow? Boisvert says Canada should look to Estonia, one of the first na- tions to experience a cyberattack. In 2007, the web site of Estonian organizations, including the Estonian parliament, banks, ministries and media were swamped by distributed denial of services (DDS) attacks following the breakout of the country's disagreement with Russia. "Since then, Estonia has worked hard to strengthen its cyber defences," says Boisvert. "They have one of the most effective se- curity certificates, digital ID systems and one of the most resilient networks around." by nestor Arellano TiMe To geT serious abouT CyberseCuriTy 46 AUGUST/SEPTEMBER 2016 www.vanguardcanada.com Take advantage of the Early Bird rate, visit www.C4ISRandbeyond.com For more Information on Sponsorship, please contact: Marcello Sukhdeo, National Account Manager 905-727-4091 Ext. 224 or marcellos@netgov.ca