Cyber Security

Cyber security in Canada: Time for a new approach

May 15, 2022

Isaac Straley, the University of Toronto’s (U of T) Chief Information Security Officer has called for a revamp of the national cyber security strategy in an op-ed published on May 11 in The Hill Times.

The pandemic and the shift to remote work has added to the challenges faced in information security. Given the recent geo-political events and cyber security-related incidents in Canada, collaborating and working collectively would provide a significant opportunity to secure our digital future.

Straley discussed the importance of a more integrated approach for Canadian organizations to partner with federal and provincial government agencies tasked with improving defences. He mentioned how this should go beyond the sharing of information and include security professionals working together with timely access to resources to mitigate risks.

The old approach of each organization attempting ‘defence in depth’ doesn’t work anymore. What we really need is ‘defence through partnership,’” said Straley.

Straley provided the Canadian Shared Security Operations Centre (CanSSOC) as an example of creating a shared approach in the Canadian higher education sector to work against cyber attacks. CanSSOC was founded by six Canadian Universities including U of T and now has more than 145 academic institutions participating.

Read the full op-ed in The Hill Times.

Information security news roundup: Ransomware attacks, text message scams and cyber security training

April 19, 2022

In recent years, headlines about information security incidents have become increasingly common both nationally and internationally. Cyber criminals steal passwords, personal information and other sensitive data through various types of cyber attacks. Staying up to date with cyber security news and knowing how to stay safe online will help protect your personal information.

Take a look at some interesting information security related news in the recent months.

Making ransom payment no assurance of getting data back: Telus

Ransomware attacks have been making headlines almost daily around the world. According to a recent study by Telus, almost half of surveyed Canadian organizations that suffered a recent ransomware attack paid the attacker in hopes of getting their data back, however, most did not get access back to their data.

Ransomware attacks can have significant impact – in the worst cases, shutting down operations entirely and risking loss of critical information. Learn how you can protect yourself from ransomware.

Winnipeg Regional Health Authority warns public of text message scam

The Winnipeg Regional Health Authority (WRHA) reported that people are receiving text messages claiming to be from the WRHA, asking recipients to click on an e-transfer link. This scam was reported to the Canadian Centre for Cyber Security.

This form of phishing that uses fraudulent text messages is called “smishing”. Learn more about the types of scams and frauds and how to protect yourself.

Panasonic Canada acknowledges cyber attack

Japanese electronics conglomerate Panasonic has reported that its Canadian operations were struck by a cyber attack in February after ransomware-as-a-service (RaaS) gang Conti leaked its data to the dark web. The company confirmed that action was taken to address the issue with assistance from their cyber security experts and service providers.

Check out the educational resources on the Security Matters website to learn how to stay safe online.

Cyberbreach at Rideau Hall was ‘sophisticated’ intrusion, internal documents reveal

In December 2021, Rideau Hall reported a breach of internal networks in the office that supports the governor general. Now, new documents have revealed the breach was a sophisticated cyber incident, although the office was unable to confirm the extent of the information that was accessed.

Cyber breaches can lead to loss of sensitive data and reputational damage. Timely reporting of incidents can help mitigate their impact.

University of Calgary and Raytheon Canada partner to open new cybersecurity training centre

The new Canadian Cyber Assessment, Training and Experimentation Centre (CATE) will support students in building their skills in cyber security.

At U of T, building a security aware culture is critical for protecting individuals and the university against security threats. Recently, the University partnered with the Canadian Internet Registration Authority and ORION to pilot an Information Security Awareness platform as part of building a security aware culture at U of T.

For more tips on staying safe online, visit the Security Matters website.

Building a security-aware culture

December 6, 2021

The University of Toronto (U of T) has partnered with Canadian Internet Registration Authority and ORION to pilot a Information Security Awareness Training platform for delivering information security awareness courses.

The Information Security Awareness Training pilot is part of our larger efforts to build a security-aware culture across the University and equip staff, faculty and students with the knowledge needed to protect themselves and the University against security threats, says Kalyani Khati, Associate Director, Information Security Strategic Initiatives. 

The training pilot was launched on Nov. 24 and is expected to run until February 2022. The participants will be given access to a training platform meant to provide general security awareness training to end-users with varying levels of security knowledge. The goal of the pilot is to collect participant feedback on the quality and value of the courses and to test the viability of the platform.

Approximately 150 faculty and staff members from various divisions within the tri-campus community are participating in the pilot. Their feedback and input will help guide decisions and plans to provide security training to the wider U of T community.

Stay tuned for further updates about the training pilot.

Sign up for Cyber Security Awareness Month events!

September 28, 2021

October is Cyber Security Awareness Month, an internationally recognized campaign held annually to spread awareness about the importance of information security and encourage Canadians to use best practices. 2021 marks the 10-year anniversary of the campaign, and the Information Technology Services’ (ITS) Information Security team is hosting a variety of virtual events to show you how to keep your information secure.

Coffee with the CISO: Let's talk information security

Thursday, Oct. 14, 2021, 11 a.m. – 12 p.m. (Microsoft Teams)

Coffee with the CISO: Let’s talk information security

Do you have questions about the information security sector? Are you thinking about a career in information security? Are you interested in how the University of Toronto (U of T) is navigating the evolution of ever-changing technology?

Grab a coffee and join us virtually for an informal and open conversation, hosted by Isaac Straley, Chief Information Security Officer (CISO), U of T.

This session will feature a brief presentation from Isaac, followed by a 40-minute interactive Q&A. Bring your questions and come ready to chat with the CISO!

Please note: This event is open to U of T students only, with a capacity limited to 30 attendees. RSVP by Wednesday, Oct. 13.

Registered attendees will be entered for a chance to win a Starbucks e-gift card!

Register

Coffee with the CISO: Information security over the past decade

Friday, Oct. 22, 2021, 11 am – 12 pm (Microsoft Teams)

Coffee with the CISO: Then and now – information security over the past decade

How has the information security sector grown over the last decade? What initiatives has U of T implemented to adapt to these changes? How is information security an enabler, and what are the best ways to navigate the landscape of secure computing?

Join us at this virtual event, hosted by Isaac Straley, CISO, U of T, for an open conversation about the challenges and accomplishments of the information security sector. Grab a coffee and engage in a brief presentation followed by a 40-minute interactive Q&A session with the CISO.

Please note: This event is open to U of T staff and faculty only, with a capacity limited to 30 attendees. RSVP by Thursday, Oct. 21.

Registered attendees will be entered for a chance to win a Starbucks e-gift card!

Register

Secure Together virtual panel event

Tuesday, Oct. 26, 2021, 11 a.m. – 12 p.m. (Microsoft Live)

Secure Together – An information security virtual panel event

Effective information security is an essential part of staying safe in our increasingly virtual world. In this one-hour virtual panel event, you will hear from experts in information security and workforce infrastructures, nation state threats and governmental policy.

Isaac Straley (Moderator)
Chief Information Security Officer
U of T

Abdullah Alagha (Panelist)
Cloud Security Consulting Lead, Accenture
Cyber Security Instructor, U of T

Ron Deibert (Panelist)
Director, the Citizen Lab, Professor, Political Science
Munk School of Global Affairs and Public Policy
U of T

Julia Le (Panelist)
Senior Manager, Cyber Security Education
& Centre of Excellence, Ontario Government

Q&A session to follow. All U of T students, staff and faculty are welcome. RSVP by Monday, Oct. 25.

Registered attendees will have a chance to win a $50 gift card to the U of T campus bookstore!

Register

 

All events are complimentary. We look forward to celebrating Cyber Security Awareness Month with you!