Robert Gordon
Executive Director,
Canadian Cyber Threat Exchange
Cyber threats are everywhere, and recovery costs are high. Through information and intelligence sharing, the CCTX helps Canadian organizations improve cyber resilience.
One of the most common and destructive forms of cyber attack is ransomware — a form of malware that encrypts an organization’s critical data to make it unreadable. Ransomware attacks can also steal your information to sell it on the dark web. Cybercriminals use ransomware attacks to extort money (or ransom) from the organization to restore the data.
The cost of a ransomware attack for Canadian businesses can be crippling when you consider its full implications. “It’s not just the ransom cost, but the overall recovery costs which include everything from replacing the equipment to rebuilding the network to the legal fees, forensics, and lost productivity,” says Robert Gordon, Executive Director of the Canadian Cyber Threat Exchange (CCTX), a not-for-profit cyber threat information sharing hub and collaboration centre.
Cyber attacks on the rise
Since the onset of the COVID-19 pandemic, the number of cyber attacks in Canada has been rising. In Dealing with Technology Change in Pandemic Recovery, an October 2020 survey by the Conference Board of Canada, 28% of Canadian companies reported an increase in cyber attacks, insider threats, or data breaches from the previous year.
Many of these attacks are COVID-themed, ranging from COVID-related phishing email scams, to ransomware attacks on hospitals dealing with the health care crisis, to exploiting the network vulnerabilities of employees now working from home. “They’re coming from multiple directions and hitting organizations across the spectrum,” says Gordon.
Sharing information is key to building cyber resilience
To thwart potential attacks, organizations need to focus on building cyber resilience. An effective way to achieve this is by sharing critical intelligence and information — not just within IT departments but across the entire organization and into their supply chain.
This “whole of business” approach includes having IT security personnel engage in an ongoing dialogue with business units and operations managers to identify the most critical data and understand how to protect it. It also includes educating your workforce and having policies and procedures to minimize the chance of a data breach. More broadly, it’s having conversations with suppliers to learn about their cyber resilience. “You have to remember that with all of today’s interdependencies, if any of these people go down from an attack it has a ripple effect and you’re basically out of business,” says Gordon.
Equipping Canadian companies with cyber intelligence
The CCTX enables members to reduce financial, operational and reputational risk through access to timely and relevant cyber information. Member organizations of all sizes and sectors can collaborate, share information, and receive actionable cyber threat intelligence in a protected and trusted environment. The two primary ways this is done is through their Collaboration Center and Data Exchange.
The CCTX Collaboration Centre acts as a forum for cyber professionals to share and exchange best practices, techniques, and solutions that would not otherwise be available to them. “They can learn how other organizations solved or prevented the same kind of problem, so they don’t have to do it all on their own, and that’s far more cost-effective than having to start from scratch,” says Gordon.
Simultaneously, the CCTX Data Exchange gives participants access to unique cyber threat intelligence from sources across business sectors, the Canadian federal government, and various international threat-sharing hubs. With about 180 organizations currently participating — from major banks to two-person businesses — the CCTX is open to all industries and sectors. “This collaboration benefits both individuals and the collective good,” says Gordon.