If you’re alone in the cybersecurity world, you’re in trouble
digiTALKS: A dialogue on the evolution of technology and the impact digital transformation is having on business, industry and careers
This week, Michael Barr, SAIT’s chief information officer, and Rob Milman, associate director of technology services at SAIT, discussed cybersecurity in an interconnected world.
If you missed this latest digiTALKS dialogue, learn a little about increasing security vulnerabilities, investing in technologies like AI and machine learning, and the importance of community information sharing with these “byte-sized” takeaways.
Ready to join the frontlines for a rewarding career in information security? Check out these SAIT programs: Information Systems Security, Information Security Analyst and Cyber Security for Control Systems.
💻 If you use technology in your business, your cybersecurity vulnerability is increasing every day…
Rob Milman: The expansion of technology is creating more entry points and more crimes of opportunity for the bad guys or bad actors — we’re making it easy for them.
Since 2016, the number of vulnerabilities or security weaknesses has really ramped up. About 16,000 vulnerabilities are being released each year. If you multiply that by the number of devices we have, say at SAIT, that’s 10,000 devices, you end up with millions of opportunities.
Michael Barr: The reality is, if you use technology in your business, your cybersecurity vulnerability is increasing every day. If you have a portable device connected to your wifi network or a corporate device on your home network — you’ve just expanded your vulnerability. It’s not a stretch to say our systems are being probed five million times a day. The bad actors are trying to find weaknesses thousands of times a minute.
To quote Jim Gibson, SAIT’s chief catalyst, there is no economic incentive for people who make devices to build in security. A Nest thermostat, a wireless crockpot or smart fridge, the companies behind these devices assume you’re going to set the password, that you have a firewall. That part’s up to you and it’s a major vulnerability.
Expand on that, and imagine wireless door locks, clocks, the whole Internet of Things. Think about the next generation of devices, with built-in AI and machine learning.
📱 “Am I going to be replaced by AI?” No, you’re going to be augmented by it…
RM: Investing in technology is something I’m really big on, in particular machine learning and artificial intelligence (AI). SAIT students ask me quite often when I present to a class on cybersecurity, “Am I going to be replaced by AI?” No, you’re going to be augmented by it.
We talked about millions of vulnerabilities and thousands of threats; this adds up to hundreds and thousands of alerts to look at. A single human being can’t possibly look at these on a screen and figure out what needs to be investigated.
Machine learning and AI crunch the data and millions of logs — at SAIT we have 100 GB of logs per day — and that helps us see what the bad actors are doing; it tells us what we need to focus on.
Next generation firewalls have the ability to learn what’s normal on your network and block what isn’t by using machine learning and big data. They’re evolving with everything else.
💾 If we’re not working together, then we’re falling behind at all times…
MB: One thing to realize, if you don’t already, is that the bad actors are working together. It’s a large sophisticated community. That’s what makes cybersecurity a big challenge.
Working alone, the odds are stacked against you. So, one of the first things we recommend is to get a community. Share information with each other. We’re basically looking for needles in an internet-sized haystack. We’re looking for little clues about what’s going on.
RM: If you’re working by yourself in the cybersecurity world, you’re in trouble. If we’re not working together, then we’re falling behind at all times.
In higher education, for example, all 26 post-secondary institutions in Alberta are part of a security collaboration facilitated by Cybera. CANSSOC, the Canadian Shared Security Operations Centre, provides curated threat feeds, and CUCCIO, the Canadian University Council of Chief Information Officers, had a sharing group for a while.
There are a ton of really good initiatives happening federally, provincially and locally. For many years, cybersecurity people were hesitant to share. But in the last few years, we have recognized the need to share more broadly.
🔐 You don’t want to be learning this when you’re going through it for the first time…
MB: If you still don’t think cybersecurity is a big deal, think of your reputation. If your organization is compromised and you have to explain why to your clients, this impacts your reputation.
If the first time you’re learning about this is when you’re compromised, you’re going to be losing sleep for a couple of days. Getting compromised is not a pleasant thing. And there are lots of steps to take if it happens.
Have you talked about what happens if there’s a breach at your organization? Do you know who to call? Do you have a good understanding of your cyber insurance?
Simulations, table top exercises are a good idea for the whole organization or institution — not just the IT people. You don’t want to be learning this when you’re going through it for the first time.
RM: Basic security capabilities are part of everyone’s basic skills. We’re working on a table top exercise for the institution to practice our incident response plan, with some gamification elements to help make it engaging. You have to assume a cybersecurity breach will happen eventually.