Tech
How Canadian tech companies are stepping up to fight cyber threats
As Canadians navigate the digital age, experts agree that governments and business must work harder to keep up with ever-changing cybersecurity threats by moving more quickly to pass and implement privacy protection laws and support research.
“It comes down to two things: education and enforcement,” says Laura Payne, chief executive officer and head of security consulting at White Tuque, a cybersecurity firm which has offices in Chicago and Innisfil, a town north of Toronto.
“Cybersecurity is not a secret science,” she says. “We all need to know what the risks are and what steps you can take – and then take them.”
Many Canadian companies have stepped up cyber defence technology. For example, Ottawa-based Augmentt focuses on protecting companies that use one of the biggest targets – Microsoft365 – by identifying security misconfigurations and weaknesses, looking for suspicious behaviour patterns in real time and identifying cloud services that are connected to a company’s users, which may lead to breaches.
Kitchener, Ont.-based software company Cavelo concentrates on Attack Surface Management, which measures and manages cyber risk and helps to identify sensitive data within an organization.
Cavelo’s platform identifies things like credit card data, sensitive personal information and social insurance numbers so they can be protected, says Dave Millier, chief security officer of Mississauga, Ont.-based cybersecurity firm Quick Intelligence.
“Cybersecurity is not a secret science. We all need to know what the risks are and what steps you can take – and then take them.”
— Laura Payne, CEO, White Tuque
The number of tech companies specializing in digital forensics to help law enforcement investigate cybercrime is growing, such as Waterloo, Ont.’s Magnet Forensics and eSentire Inc., known for its Managed Detection and Response services, which actively protects businesses by stopping threats in real-time.
“A few Canadian firms are making relatively large names for themselves in security – another one that comes to mind is 1Password,” says Ceren Kolsarici director of the Scotiabank Centre for Customer Analytics and associate professor of marketing at the Smith School of Business at Queen’s University in Kingston, Ont.
1Password lets users securely autofill passwords on any device and store documents and key information such as credit card and passport numbers and reward-program data – all of which users can temporarily remove while travelling to locations that might not be secure.
And, although it’s not the consumer device company it once was, “BlackBerry holds an incredible number of patents in security that makes it a quiet juggernaut in the field,” says Mr. Millier.
Canada is also making strides in creating software to mitigate AI risks, now considered one of the top threats to cybersecurity, says Mr. Millier, who is also a board member of SecTor, an organization of cybersecurity professionals.
“AI has changed the cybersecurity landscape on both sides of the battle, and not necessarily for the better,” he explains. “Hackers are using AI for everything from writing malware code to creating really believable e-mail scams – with no spelling mistakes and proper grammar.”
“Until recently, applied AI had been limited to only those with significant financial and human resources,” says Jay Goodman, director of product marketing for BlackBerry, whose Cylance AI platform focuses on predicting and preventing attacks before they happen. “But AI is now available to the masses. Newer, easier utilized models have lowered the barrier to entry.”
On the defender’s side, AI can use predictive analysis to anticipate cyber threats before they materialize and improve guidance on how to best respond to and reduce cyber risk.
“AI still has a lot of learning to do, so right now it’s being relied upon to augment or enhance human security teams,” notes Mr. Millier.
“The sector is meeting increasingly complex threats with advanced tools like AI-driven defence, zero trust architectures and quantum-resistant encryption,” says Dr. Kolsarici.
Canada has a solid tech industry and strong cybersecurity players in the private sector, notes Dr. Kolsarici, adding that it still lags countries like the U.S. and Israel, in terms of innovation and investment.
“We rank respectably,” she says, “but to stay competitive and secure, Canada must ramp up efforts to address growing cyber threats and invest more aggressively in infrastructure and innovation,” by fostering homegrown talent, boosting investment and establishing a more comprehensive national cybersecurity strategy.
Federal agencies can do more to coordinate and support the tech sector’s cybersecurity efforts and research and development, Mr. Millier says – and need to become nimbler, as AI develops new ways to breach firewalls, gather data and attempt fraud.
“There’s a lot that businesses can do with the resources they have,” says Ms. Payne. “It’s a matter of building a culture of security awareness, implementing strong processes and optimizing the anti-cyberattack tools they already own.”