November 25, 2015
A panel of security experts has predicted that future security breaches will include continued attacks on large companies and the use of disruptive technology that will exploit everything from “young companies” to embedded systems involving Internet of Things applications. Participants highlighted situations similar to the recent Sony hacks and said “the landscape is changing from attacks and more instances of breaches to outlets or assets are to be expected. This ranges from breaking in to a court documents online and destroying evidence, to remotely controlling a vehicle through an IP address.
They predicted that “someone could be assassinated in the next two years through a cyber-attack via hacking a pacemaker, drip, vehicle, etc.”
Organized by Toronto-based Scalar Decisions Inc., participants were Scalar chief security advisor Ryan Wilson, Ben Sapiro, senior director- security, privacy & compliance, Vision Critical, Benjamin A. Boi-Doku, managing director, Eosensa/practice leader, Scalar Decisions, Rafael Etges, executive advisor- cyber security with Strata Advisory Group, and Marc LeCuyer, area VP Canada, RSA, the security division of EMC
Members unanimously agreed that security solution providers are not keeping pace with new technology, the reason being that solutions can’t be made for problems that don’t exist yet. The panel said that to better keep up in the market, solution providers must analyze individual attacks and the attackers’ underlying motivations.
LeCuyer explained how the tactics carried out in most attacks are the same, yet people aren’t creating measures to combat these. Most, he said, are concerned with spending money on technology programs. The panel summarized by stating that security is about risk management and not implementing more technology.
According to participants, the managed security service providers (MSSP) providers are not keeping up with the threats their customers are facing today. In some cases, MSSPs are providing service from a technological level, or top-down approach, to a business model they don’t understand. Panelists explained the importance of MSSPs knowing the organization as well as an “employee and messaging with language the entire company will understand. ”
The panel was on the same day of the opening of Scalar’s Advanced Security Operations Centre, located at the company’s new head office in Toronto. In tandem, Scalar upgraded its managed security services suite, which it said will give clients the opportunity to benefit from advanced analytics, threat intelligence, and business-specific context as a part of their managed services.
Its recent acquisition of Eosensa Inc., and Mainland Information Systems places the company at 325 staff and estimated $325 million in annual revenue. Since 2008, Scalar has also acquired XSM Systems (2008), Southwest Sun (2010) and 3vis (2014).
Scalar clients include the organizing committee for the Toronto 2015 Pan Am and Parapan Am Games and The Hospital for Sick Children , for which it built high performance computing systems dedicated to healthcare research.
The company said it plans to add 59 additional head count across Canada, contributing to the need for a larger office space.