A group of Canadian IT security professionals hopes to officially set up a national computer emergency response team (CERT) network next month that will run round the clock.
A number of countries have CERTs, which act as warning system to spread news to the private sector and governments about cyber attacks.
A few Canadian industries them, and the federal government has the Canadian Cyber Intelligence Response Centre for its departments and critical infrastructure industries like energy and telecommunications — but it only runs 15 hours a day.
That leaves a lot of organizations without a warning network.
Ben Sapiro, the head of security and contingency at The Dominion of Canada General Insurance Co. and one of the organizers of the effort, said legal work for incorporating the not-for-profit OpenCERT Canada service should be done shortly and a call for volunteers will hopefully go out next month.
“The CERT’s function is to act as an information clearing house during breaches to get information from victims to people who can do something about it — maybe shut down parts of the network or take a server offline,” Sapiro said in an interview Tuesday at the SecTor security conference in Toronto.
It will also be used to educate organizations and consumers about good security practices.
MORE FROM THE CONFERENCE
A call for DevOps for more secure software code
Canadians naïve to believe hackers won’t target them
Dave Lewis, another project organizer who also works in the information security practice at Akamai Technologies, said that ideally Ottawa’s response centre would be doing national co-ordination but it has decided to limit its mandate. “As a result there’s a vacuum we’ve stepped into.”
OpenCERT Canada will have someone on duty 21 hours a day (from 6 a.m. Eastern to 3 a.m.). Reported incidents are confidential.
It has been quietly operating for a few months and has already helped an Israeli company, Lewis said. It discovered malware on its network was calling server in Canada. Staffers here contacted the Internet service provider “and asked them to do something about it.”
Once the legal work has been done — which includes agreements with the volunteer responders — OpenCERT Canada will be in a position to form links with similar agencies here and abroad, Sapiro said. One of them is FIRST, an association of international CERT teams.
OpenCERT Canada’s reputation will be made among IT professionals, Sapiro said, who in many cases will be fielding the calls from the agency or making them to it.
“I think this is an excellent initiative,” Kevvie Fowler, a risk consultant at KPMG Canada who is speaking at the conference. “There really need s to be a community approach to assist the government in their initiatives. I also think there is a great opportunity for OpenCERT to learn from what the government has done in this space, their future direction and vice versa. This can strengthen both CERT initiatives and ultimately the organizations of Canada.”