“Cyberspace has consequently become a domain of potential conflict just as real as land, sea, air and space.” – Canada First report, 2013
As an online company that manages buyers and sellers in global, complex supply chains, OMX has made cybersecurity a top priority since the very beginning. After all, we deal with confidential information from private companies and classified information from the government on a daily basis.
These last couple of years have seen the rise of cybersecurity from all angles–criminals have become smarter and more daring when it comes to cyberattacks on both individuals and corporations, as has cyberactivity from state-sponsored actors and state agencies. In addition, all of the great technologies that we celebrate, such as Artificial Intelligence, will be leveraged and used to scale in cyber-attacks.
It’s clear that the cyber space isn’t going to go anywhere anytime soon, so here are some of the most pressing themes that Canada will be facing in the not-so-distant future–and how Canada’s innovation community is looking to tackle these challenges.
Cyber security was first identified as a key field for Canadian defense investment and innovation in the 2013 Canada First report. Since then, it has been formally prioritized in Canada’s offset policy under one of five Emergent Technologies in the Key Industrial Capabilities:
“Cyber resilience spans every element of the domestic commercial, civil and national security sectors and addresses the vulnerabilities created by the expansion of information technology and the knowledge economy. Activities in this segment include design, integration and implementation of solutions that secure information and communications networks.”
Cyber resilience can be broken down into three categories: information security, IT security and operational technology (OT) security.
Information security: The practice of defending electronic and digital data and information from unauthorized access/intrusion, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
IT security: Secure content and threat management (endpoint, messaging, network, web, cloud), security, vulnerability and risk management, identity and access management and other products (e.g. encryption/tokenization toolkits and security product verification testing), and education, training services and situational awareness.
Operational technology (OT) security: Monitoring, measuring and protecting industrial automation, industrial process control and related systems. Cyber resilience may involve the development of tools and the integration of systems and processes that permit hardening of tactical systems or broader networks, encryption, cyber forensics, incident response, and others. Capabilities developed in this domain may increasingly draw on AI as an enabling technology; for example, networks may autonomously and dynamically defend against intrusions and repair themselves if disrupted.
The Innovation for Defence Excellence and Security (IDEaS) program is a prime example of Canadian investment in pressing defense and security challenges. The $1.6 billion program will be providing innovation funding over the next 20 years to pressing defence and security challenges including–you guessed it–cybersecurity.
Here are some past IDEaS challenges that offer a peek into Canada’s cyber priorities:
Understanding cyber intent: Canada’s defense and security agencies need to be able to distinguish between targeted malicious cyberattacks and broad opportunistic cyberattacks.
Detecting and responding to hostile information activities: Social media and online mass communications are increasingly being used to influence targeted audiences and undermine national values, cohesion, and authority. There is a need to be able to identify, assess, and respond to such cyberattacks.
Cyber attribution for the defence of Canada: Cyber-attacks come in many forms. The Department of National Defence (DND) is looking for innovative solutions on accessing, interpreting, and comparing all available evidence to best identify and attribute the source of an attack.
On October 1, 2018, Canada officially established its unified Canadian Centre for Cyber Security. The Centre is a merger of 750 employees from existing cyber security operations at Public Safety Canada, Shared Services Canada, and the Communications Establishment under one roof and with one simple mandate: to maintain a safe and secure cyber space for the security, stability and prosperity of the country.
Upholding this mandate is going to be a lot more complicated, and it will require new heights of Canadian technology and innovation. I–for one–am excited to see what the future brings!