You are now in the main content area

Putting cybercriminals on notice

Ryerson is harnessing resources to face the threat and strengthen the digital economy
By: Sharon Aschaiek
February 04, 2020
Computer virus characters ascending the screen

Year over year, cyber attacks are increasing at an alarming rate – individual users as well as businesses and organizations need to be prepared. Ryerson sees this challenge as an opportunity, and is approaching it from every angle.

Cyber attacks are a global phenomenon and the fastest-growing crime in the U.S., and they are becoming increasingly common, sophisticated and costly. Consulting firm Cyber Risk Analytics found that globally, 3,813 data breaches were reported in the first six months of 2019, exposing more than 4.1 billion records – increases of, respectively, 54 per cent and 52 per cent over 2018 numbers (although such crimes are thought to be underreported).

And though the business world has been the biggest target of cyber criminals, medical, government and educational institutions have also been affected. Not only do these attacks create a major financial and reputational problem for the business community, they also leave individuals feeling vulnerable and violated.

With resounding implications across our way of life, businesses, governments and academic institutions are stepping up their efforts to prevent and defend themselves and the public against attacks – creating tremendous economic and labour opportunities. Ryerson is among those leading the way in this country, which in the last few years has been developing an entire ecosystem to tackle the problem including the new Rogers Cybersecure Catalyst, a not-for-profit corporation launched last June. It was established with $30 million in funding from FedDev Ontario ($10 million), Rogers Communications ($10 million), the Royal Bank of Canada ($5 million) and the City of Brampton ($5 million).The Catalyst is also forming partnerships across the greater Ryerson community, including the DMZ and the Ted Rogers School of Management (TRSM), and the Chang School offers courses for those looking to break into the cybersecurity industry.

“Often, the discussion about cybersecurity is framed as a challenge or threat, but we lose sight of the opportunities – this is one of the fastest-growing sectors in the world,” says Rogers Cybersecure Catalyst executive director Charles Finlay. “In Ontario and in Canada, we have a highly skilled workforce and a strong tradition in technology development, so we have the capacity to meet this threat and strengthen the digital, connected economy.”

A multi-faceted mandate

The Catalyst views itself as a national centre for innovation and collaboration in cybersecurity, and its mandate is ambitious and multi-faceted: bolster the Canadian cybersecurity workforce, help Canadian businesses get a handle on cybersecurity, and educate the public about best practices.

Deloitte has forecasted that 8,000 positions need to be filled in Canada by 2021, while globally, it’s estimated there will be 3.5 million unfilled positions by 2021. Last month the Catalyst announced the launch of a National Cybersecurity Accelerator, which will provide Canadian scale-up companies in cybersecurity and related fields the essential tools they need to grow and succeed nationally and internationally. Scale-ups in the Catalyst Cyber Accelerator will benefit from DMZ's internationally recognized accelerator program, including mentoring on product strategy, marketing, talent acquisition, investment attraction, growing sales and more. The goal is to graduate 15 companies a year over a four-year period.

These companies will be poised to help Canadian businesses bolster their security before an attack happens, or implement new procedures when faced with an attack. In Canada, more than one in five businesses were affected by cybercrime in 2018. Cybersecurity Ventures found that cybercrime will cost businesses worldwide more than $6 trillion annually by 2021 through damaged data, stolen money, lost productivity, theft of intellectual property and personal and financial data, embezzlement, fraud, business disruption, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.

Rogers Cybersecure Catalyst at Ryerson also offers a 20-week accelerated cybersecurity training program specifically designed to create professional opportunities and careers for women, displaced workers and new Canadians. The training program welcomed its first round of trainees earlier this month. The goal is to graduate 640 learners over five years.

Program offerings will be augmented by resources available to the public, including online resources,  seminars, workshops and conferences throughout the year. Late last year, the Catalyst hosted four local events on different aspects of the cybersecurity landscape, such as strategies for small businesses, and U.S.-Canada cross-border cybersecurity issues. “We are on the cusp of major technological change, and we need to invest in infrastructure and people for Canada to lead in the digital economy,” says Joe Natale, president and CEO of Rogers Communications. “Through this partnership, we will build the skills and talent for the connected future.”

Partnering with Ryerson researchers

The Catalyst is working closely with the Cybersecurity Research Lab (CRL) at TRSM, helping to stimulate applied research opportunities between CRL and industry partners. The CRL conducts information security research through partnerships with industry, and trains experts in the field. Lab founder and director Atefeh Mashatan is helping to shape the Catalyst’s mandate by serving on its board of directors.

“A key part of the Catalyst’s mandate is to help expand the pipeline of research and development for the business community, which is a very positive alignment with the mandate of my lab,” says Mashatan, who was recently named a “Woman of Influence” in IT security by SC Media, a leading online cybersecurity magazine.

Another area of co-operation between the CRL and the Catalyst has to do with a new project called the cyber range, which is a virtual environment for conducting cyberwarfare training and cyber technology development. “The range makes it possible to simulate attacks, so that you can get data about what’s happening, who did the attack and which machines are compromised, and then do an investigation and work through recovering from it. It’s great hands-on practice that prepares for defending against a real threat,” says Brian Lesser, Ryerson’s chief information officer, who provides IT services to the Ryerson community with a team of about 130 employees, including eight who focus on cybersecurity.

Keeping Ryerson’s community secure

Lesser has helped position Ryerson at the leading edge of efforts to be digitally secure, both on campus and in broader contexts. In August, Ryerson became one of the first post-secondary schools in Canada to require all new students to use two-factor authentication to access their university accounts; this process has been mandatory for employees since 2018.

Lesser notes the move has helped significantly lower the number of account compromises by outsiders. Under Lesser’s leadership, Ryerson has also been making a bigger impact in cybersecurity beyond campus. The university is a member of the Canadian University Council of Chief Information Officers, a non-profit, member-funded group representing 62 universities and colleges across the country. In that capacity, Lesser is co-ordinating a cybersecurity benchmarking project that tracks the cybersecurity successes of members to help identify best practices.

As the Rogers Cybersecure Catalyst prepares to launch its cybersecurity workforce training, it will benefit from the insights of Alex Ferworn, the academic coordinator of the Computer Security and Digital Forensics certificate program offered by Ryerson’s Chang School of Continuing Education. Introduced five years ago, this open admissions program features six courses focused on collecting digital evidence and recovering from cyber attacks. Ideal for those with a basic level of computer networking knowledge, it includes practical training involving industry projects, and prepares graduates for entry level IT security positions. Within six months of completing the program, 90 per cent of graduates land jobs in the field, often at banks and insurance companies.

“The intent is for the certificate program to work in unison with the Catalyst on training,” Ferworn says. “Cybersecurity is a growing concern for all sectors, so there’s value in all of us at Ryerson working together.”

This is an edited version of the story that was first published in Ryerson University Magazine January 2020. To read more, visit Ryerson University Magazine (external link) .

More News