After a 4th major incident among federal and government organizations, Canadians need to know that cyber attacks are getting easier. And cyber security no longer cuts it.
In addition to the City of Hamilton’s ransomware attack, the RCMP, Global Affairs Canada and Canada’s financial intelligence unit FINTRAC have all had high-profile cyber incidents since the start of 2024. And criminals are likely having good paydays, because there are even more organizations and companies that have been victimized than just the ones mentioned above.
Cyber crime has become a global industry. Tools used to commit illicit acts are becoming cheaper and user-friendly. There’s even Ransomware-as-a-service as a business model. Not to mention how artificial intelligence is making it easier for criminals to operate. And unfortunately – Canada currently only has vague privacy and cyber regulations in place.
Every event should be a wake-up call for businesses to address the effectiveness of their information security. “Cyber” security only refers to technical protections and tools in place – but there is also your physical security (keeping doors locked, server room secured, and shredding confidential paperwork) and administrative policies and procedures.
All organizations should have a designated role in charge of their information security management. They should advise on critical decisions, understand security threats, and optimize processes as a board-level resource. They should also manage your security strategy, budget, review of risks and regulatory programs.
This could look like hiring a full-time Chief Information Security Officer, with average salaries of 150–250k a year – or, alternatively, they can outsource this position to a security firm with a Virtual CISO service offering. vCISOs have become a critical asset to leading organizations into the right position to navigate the landscape of cyber threats.
Without having the right guide, your ability to establish and maintain security defense measures will be ineffective against new and evolving cyber crime.
– Birmingham Consulting: Information Security. Like IT Should Be.
