The month of October is for harvesting, stocking up, and preparing for winter. A time when pumpkin pies and ghost stories go hand in hand. It should also be recognized as an important awareness month for something truly scary – online security threats and fraud.
Held every October, Cybersecurity Awareness Month is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity. Furthermore, it is to ensure that all Canadians have the resources they need to be safer and more secure online. Don’t let cybersecurity become a scary ordeal. Learn more about cyber threats and how we can work together to be cyber safe.
How cyber threats work
A cyber threat is an activity intended to compromise the security of an information system (such as a computer network or website). As a result, the availability, integrity, or confidentiality of a system is altered. Cyber threat actors are simply individuals or organizations who seek to demonstrate their capabilities, cause harm to an organization or individual, or profit from online activities.
How cyber threats affect you
As Canadians put more of their information online, they become increasingly attractive targets for cyber threat actors. Canadians’ exposure to cyber threats increases with the growing number of Internet-connected devices. Hence, devices such as computers, televisions, home appliances, thermostats, and cars are at risk. Actors can use cyber tools to extort money or information from Canadian individuals and organizations.
How to protect yourself online
Humans are the weakest link in security and the only way to address this is through ongoing security awareness. Organizations need to instill a culture of security. Every employee of an organization and every citizen has role to play in building a strong security posture. Most importantly, higher education institutions need powerful, comprehensive security solutions. This will reduce risk by more proactively addressing cybersecurity and physical safety threats.
Cybersecurity at Laurentian University
Laurentian University, a member of our ON-CHEC program, is building cyber awareness and increasing their security measures to safeguard their students, faculty and staff, online and on campus. In an effort to reduce data leakage risks, Laurentian has added more security features and increased cyber awareness throughout Cybersecurity Awareness Month.
Laurentian completed the following cybersecurity initiatives:
- Updated policy on managing confidential digital information with associated training/orientation for staff and faculty;
- Implemented new safety mechanisms and Gmail confidential mode for better control when sending an email; and
- Offered free photography sessions and training to all staff and faculty to improve online identification processes.
Following Laurentian’s example, cybersecurity should be deeply ingrained in higher education institutions. Above all, cybersecurity is a shared responsibility. Students, faculty, and staff are all responsible for cyber safety.
Protecting your higher education business
Canadian organizations and businesses continue to rapidly embrace the internet and digital technologies, which has the potential to expose them to greater risks and threats. What’s scary is that sectors in Canada that reported the highest level of incidents included banking institutions (47%) and universities (46%).
There is no getting around the huge financial impact of a data breach. Here’s why:
- Average cost of a breach in 2019: US$8.19 million
- 7.3 billion records breached in 2017
- 1906 breaches in the US in 2017
- 90 breaches reported weekly
- NRC breach in 2014 costed the Canadian government over $400 million
Organizations need to make cybersecurity a priority. Most importantly, organizations and partners across industry and government need to work together to ensure a more cyber safe future for everyone. Campus administrators and IT security professionals are dedicated to providing a safe and secure online ecosystem in which students, faculty, and staff can work, learn, and pursue academic goals without worry.
Cybersecurity at Niagara College
Niagara College, a member of our ON-CHEC program, is safeguarding their critical resources and building resilient systems to improve their cybersecurity posture now and in the future. The college has leveraged two security assessments to help define priorities for cybersecurity activity. Therefore, areas of the network serving students and faculty at Niagara College will be provided basic levels of protection by:
- Implementing multi-factor authentication for faculty and staff off-campus access to sensitive data;
- Launching a data governance project to develop an accurate inventory of data and define the appropriate treatment for handling, storage, and destruction; and
- Creating isolated and secure “stealth” networks across a common infrastructure and do so in a much simpler and more stable way.
Niagara College has also launched its first cybersecurity awareness information campaign leveraging resources from the Government of Canada’s getcybersafe.ca website. They are using digital signage, physical posters, social media communications, and articles to educate the end user and protect them.
How we can work together: ORION is helping create cyber security awareness among the research and education community in Ontario
The Ontario Cybersecurity Higher Education Consortium (ON-CHEC) is playing a vital role in creating security awareness and helping improve the cybersecurity posture for its members. This is achieved by publishing security advisories and email digests that feature key security news and events, discussing security vulnerabilities and proposed remediations, and providing updates on security standards and regulations. In addition, ON-CHEC hosts monthly webinars on prevailing security issues and topics relevant to the higher education sector.
It is estimated that there will be 3.5 million cybersecurity roles unfilled by 2021. According to Deloitte, demand for cyber talent in Canada will continue to increase by 7 per cent annually, requiring 28,000 cybersecurity professionals by 2021. Deloitte reports that “Canadian executives view the cybersecurity talent shortage as one of the top five challenges to managing cybersecurity within their organizations.” That’s why ORION recently rolled out its Community Training program. ORION provides custom-tailored workshops to enable our research and education community to work together. For the reason that training will help to solve the cybersecurity skills gap and build the capacity of the sector.
ORION Community Training
Communication Skills for IT and Security Pros Workshop
November 18, 2019 – Toronto
This one-day workshop will provide you with the skills, tools, and confidence critical for cybersecurity leaders to communicate effectively across your organization, with both technical and non-technical audiences.
Certified Chief Information Security Officer Training (C|CISO)
December 3-6, 2019 – Toronto
This four-day in-person workshop will build on your high-level understanding of technical topics and apply this knowledge in your day-to-day work as a leader in information security. By taking this workshop, you will bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many existing and aspiring CISOs already possess.
Cybersecurity is a team sport
Cyber defense is a team sport. Government, industry, academia, and civil society must all work together to strengthen Canada’s cybersecurity. Our cyber systems hold valuable information that is critical to our health, our economy, and our security. Above all, we need to work together so we can strengthen our resiliency against the threat of cyber attacks. Let’s build a community where sharing is the default and we prioritize the security of all of our systems.