Intended as an “early defense system” against enterprise IT security threats, the Canadian Advanced Technology Alliance (CATAAlliance) earlier this month announced its new cyber threat management initiative.
The Cyber Security Resource Centre (CSRC) is designed to foster best practices and encourage Canadian business and government organizations to openly report and share information on cyber incidents (IT security breaches, viruses, worms, etc) to the larger IT community.
Citing a CATA-sponsored study which reported more than 80 per cent of companies polled note IT security as a concern, CATA Alliance president John Reid said security of information and protection from unauthorized access to data should be incentive enough for groups to be forthcoming about internal cyber threats.
The goal, according to Reid, is to expand the number of companies that report intrusions into the network. The site is designed to function “almost like the ISO site for Canada and part of the international standard for doing so,” Reid noted, adding the more organizations contribute, the better the community and understand the various weakness in IT infrastructure.
The CSRC is a component of CATA Homeland Security Task Force, designed to enhance homeland security by characterizing threats to Canada’s information infrastructure. Reid noted the resource should be particularly beneficial to small companies that don’t have large engineering teams. CATA also announced the launch of the CATA CanCERT Alliance, which will support the organization as a third party for groups to anonymously share information on cyber-incidents.
The CSRC will act an a repository for reports about cyber incidents and attacks having an impact on Canadians, Reid said, adding The Centre will issue monthly and annual reports covering the threats, incidents and resources available to improve cyber threat management.
CATA partner Electronic Warfare Associates (EWA) Canada Ltd., an Ottawa-based engineering consulting and IT security firm, will play a key role towards the initiative. Jim Robbins, EWA Canada president noted that the firm was among the first Canadian representatives of the Forum of Incident Response and Security Teams (FIRST) and in 1988 established Canada’s first national Computer Emergency Response Team (CanCert).
This joint initiative, now known as the CATA CanCERT Alliance, serves to increase visibility across Canada in terms of reporting incidents, Robbins said.
“The industry needs to take a more proactive role in understanding the threats and provide assurance…that Canada is not a weak link or a back door for threats to a globally networked economy,” Robbins said. “In a network-of-networks all levels of government, business and academia are relying on each other for a safe cyber environment.”
The key is to take a “Neighbourhood Watch” mentality to protecting the network, Robbins said. The technology and product neutral resource is intended to be a “trusted” third party. “We don’t divulge where the information came from.”
“I think that there’s a still a problem in terms of reporting. Because anytime you report something you’re almost conceding that you have a vulnerability and there’s something wrong,” Robbins said. “The way that we’re moving to an e-commerce and e-government environment relying on connected networks, the worst that could happen is someone is broken into and they don’t notify you.”
According to IDC Canada Ltd., 69 per cent of Canadian organizations suffered a security breach from a virus in the last 6 months and that the overwhelming majority of businesses indicated that they lost productivity due to security breaches.
Ultimately, according to Toronto-based Steve Poelking, director of research, infrastructure and applications at IDC Canada, the federal government should take a stronger leadership role.
At the end of the day, it is the federal government that has the resources to deal with this issue, the trust of businesses to report security incidents, and the foreign policy mandate to discuss and act in the global forums where this issue will likely head,” Poelking said.