Being proactive and people-focused is the most effective protection against online attacks, a leading expert says.
Cybersecurity is one of the most serious economic and national security challenges we face.” Those are the opening words of the Honourable Harjit Sajjan, Canada’s Minister of National Defence, in the latest National Cyber Threat Assessment. The document is a chilling look at data and credential security in a rapidly-digitizing landscape faced with rising incidents of cybercrime and increasingly sophisticated threats. According to the Canadian Internet Registration Authority, more than 80 percent of the nation’s organizations were targeted by a cyberattack in 2020, while many companies identify cybersecurity as their number one operational concern in 2021. So what can Canadian organizations do to defend themselves effectively?
One of the best ways to approach the challenge is, first and foremost, as a people problem. “You can spend a lot of money on technology and have all the right hardware and software in place,” says Nim Nadarajah, Partner at Canadian cybersecurity firm CrucialLogics, “but the weakest link in the security chain is always going to be the end user.”
During the pandemic, the importance of strengthening this link grew even more acute as the rise of working from home dramatically shifted the need for cybersecurity beyond organizational spheres into the personal realms of employees. “It’s not just about having a lock and alarm on your front door,” Nadarajah says. “You need to make sure that it’s locked every night and have a plan for when the alarm goes off.”
Anticipating danger is the first and best defence
According to Nadarajah, maintaining such a plan and ensuring real security requires a continuous mindset of vigilance and action. These days, cyberthreats are innovative, prolific, and diverse, as are the actors who initiate them. Many companies know this but may not be equipped to tackle digital perils in all their forms and mutations. It takes the right tools and expertise to stay one step ahead of the bad guys in such a murky climate.
Trusting the right security partner is key
Nadarajah believes that true peace of mind comes from an open and honest dialogue about vulnerability within an organization. “Transparency is where a lot of organizations in the cybersecurity space fail,” he says. “If we have a customer who’s willing to work with us and give us the keys to the kingdom, we’re going to show them how we’ve fortified it, the defence mechanisms we’ve put in place, what we’ve caught, and what got through.”
In truth, Nadarajah says, “some attacks are always going to get through, but it’s how you handle the response and remediation that’s important.” And on that front, CrucialLogics is well-armed.
Nadarajah is one of three partners that started CrucialLogics. He’s joined by Amol Joshi and Omar Rbati, who started CrucialLogics as an advisory-first company whose goal is not to sell technology but to help companies demystify and enable security.