by David Bruno
THUNDER BAY – Size apparently does not always matter in cyberspace, but the lack of cybersecurity always will. Such is the case with Canada, ranked just 38th in the world in population but, as of mid-2018, recorded the third most cyber incidents in the world, according to a 2018 report.
As alarming as what we know about cyber threats is, perhaps more alarming is what Canadian citizens don’t know about cyberspace.
A survey last year of over 2,000 Canadians discovered that just 16 percent were able to accurately identify the majority of cyber terms. Almost two-thirds, for example, were unable to identify ”phishing.”
In the face of today’s cyber threats, ignorance will never be bliss.
The digital era is based on an endless supply of data. Corporations, governments, and cybercriminals now have access to the same ceaseless supply of personal data, and the results are often, as these surveys show, incomprehensible for the average user.
The dependence on data is also the Achilles heel of the modern digital network. Innovators at the bleeding edge of the tech revolution would be rendered powerless without this critical resource.
Apple uses data to improve products, Amazon uses it to price goods, Google uses it fine-tune search results, and Facebook uses it to help advertisers – all of which are critical functions of these multi-billion dollar behemoths.
However, recent scandals and high-profile data breaches have made these vulnerabilities clear to the general public. Facebook’s involvement in the Russian attack on the American presidential elections; Sina Weibo’s role in the crackdown on protests in Hong Kong; Amazon’s potential role as a supplier of facial recognition software to the U.S. government; the loss of 500 million customer details, 383 million guest records and 18.5 million encrypted passport numbers by the Marriott International chain of hotels; and just last month, the Desjardins Credit Union data breach — these are all examples of the perils of entrusting corporations with personal data.
Meanwhile, the nature of digital communications has evolved alongside the rapid progress in connected device technology. Smartphones, tablets, connected smartwatches, and virtual reality headsets have not only offered convenience but have also expanded the surface area for potential bad actors to target.
Sophisticated attackers can now track people’s locations through their fitness apps, see their dating profile matches and extract images from the applications, intercept text messages sent over a cellular network to drain a user’s bank account, and log into the surveillance equipment installed at home to spy on unsuspecting users.
Responding admirably to these challenges, the Canadian government has introduced a Digital Charter to counteract the growing cyber threats. The Charter outlines ten principles, ranging from universal access to data protection regulations that serve as guidelines for provincial governments, businesses, and policymakers to shape the digital tools and platforms used across the country.
Comprehensive government action like this is a critical element in the fight against cybercrime and data theft. But they represent only the first steps.
New policies, such as reform of Canada’s private sector privacy law, will need to be adopted and other actions taken to put meat on the Charter’s bones.
And as cyber technology – and its misuse — continues to evolve, seemingly inexorably, so must public policy, to keep apace.
While government initiatives like the Digital Charter are major steps in the right direction, individuals also need to take better charge of their own security and adopt enhanced tools to protect their own data.
Many users have turned to an effective solution – encryption. End-to-end encryption of data is essential to helping keep communications private and personal data secure. The global market for encryption tools and software is currently worth US$7.5 billion and is projected to surge in the next few years.
Borderless cyberspace will increasingly encompass everything, but it will have no room for static public policy or disengaged, ill-informed citizenry – not when cyber terrorists anywhere can potentially threaten havoc everywhere at a mere keyboard stroke. A reliable cybersecurity in the years ahead will demand both sustained actions from policymakers and continuous engagement from citizens. And we may need our best efforts to preclude the worst outcomes.
David Bruno, CEO of Secure Swiss Data, based in both Canada and Switzerland. The piece concerns the future of cybersecurity and Canada.