Before anyone even uttered the word “ransomware” or “attack vector,” it warmed my heart to hear that we had well over 1,000 people tuning in from across Canada to the inaugural MapleSEC event. We had people watching from Nunavut, Vancouver, and St. John’s – a truly nation-spanning event that is here to stay for the next several years, according to Byron Holland, CEO of the Canadian Internet Registration Authority (CIRA).
To everyone who tuned in – thank you so much for your time and consideration. And of course, a huge thank you to our sponsors.
Day 1 began with A Peek Behind the Curtain at International Cybersecurity Threats, a panel moderated by the Mackenzie Institute’s Karsten Arend and featuring:
- Adam Hamilton, Special Agent, FBI
- Neal Ziring, Cybersecurity Directorate, National Security Agency
- Benjamin Salazar, Cybersecurity Expert, Department of Homeland Security
- Donald MacLeod, Director of Autonomous Defence and Sensors, Canadian Security Establishment
Not registered for MapleSEC yet? Do it now!
Hamilton says that cybercrime is their highest priority, and that’s not to downplay the more physical manifestations of terrorism, but the cyber realm has grown to such a size that every violation the FBI looks into touches a computer in some way. The rising number of endpoint devices is also causing headaches. Finding weak links on those devices in your average corporate or even industrial environment is easy for attackers.
Ziring says a shared service model and better alignment between private and public sectors will be key for SMBs staying secure going forward.
It’s all about the money
Steve Biswanger, CISO for ATCO Group, and a member of the CIO Association of Canada’s CISO Division did a great job highlighting what makes cybercrime so attractive to criminals. It comes down to money, of course, but Biswanger’s handy graphic hammered that point home well.
FBI data suggests cybercrime will be a $6 trillion industry by 2021. That’s … a lot of money.
Horror stories
The day’s first breakout session was a moderated roundtable featuring spooky stories about misconfigured devices belonging to a technician, disgruntled fired employees seeking revenge, and hijacked phone systems.
Also:
MapleSEC: The ransomware attack that turned into a horror story [IT World Canada]
Yikes – another spooky story is about a hacker getting into someone’s phone system and racking up $80K in long distance charges. There was no active monitoring solution in place to flag unusual activity. #MapleSEC
— Alex Coop (@ItsJustAlexCoop) October 5, 2020
Looking ahead
Fortinet’s CISO, Jonathan Nguyen-Duy, hosted a panel about security risk trends in 2020 and beyond.
Here’s a question you should ask when talking cybersecurity spending with leaders, says the advisory CISO at Akami Technologies: Are we effectively using the budget allocated for cybersecurity properly? Don’t just wonder if the tools themselves are being used correctly. #MapleSEC
— Alex Coop (@ItsJustAlexCoop) October 5, 2020
Rumboldt says parts of the public sector is “starting fresh” when it comes to managing its now largely remote workforce.
Dealing with media after a crisis
Allan Bonner of the Mackenzie Institute Board of Governors says response begins in the first hour after the data breach. “If you’re not in front of this in the first hour or making good headway … you may stay behind the eight ball forever.” You can read more about his crash course on how to deal with media and stakeholders after a cyber incident here.
Also:
How to deal with media and stakeholders following a cyber incident [IT World Canada]
Hardware needs love too
Putting a bow on Day 1 was Mitra Mirhassani, associate professor at the University of Windsor’s ECE branch. Knowing who is designing your hardware, she says, and gaining insight into their process helps ensure security is embedded from the beginning. And when we say hardware, it’s not just laptops and smartphones. We’re talking streetlights, manufacturing systems, transportation systems – keeping these systems secure keeps humans safe, too.
Looking ahead to Day 2
Here’s what you can look forward to on Day 2!