Robert Gordon believes that technology isn’t the key to making businesses safer. Rather, the Executive Director of the Canadian Cyber Threat Exchange (CCTX) says that it’s companies of all sizes sharing cyberattack information with each other that helps to protect them. We want to increase cyber resilience across the economy.

“The richer the dialogue, the more you start to get really powerful capabilities to go after the bad guys,” says Gordon.

This need for collaboration is why the CCTX was launched in April 2016. Initially funded by nine corporations, it now features members of various sizes and industries from across Canada.

The CCTX will be partnering with the Canadian government’s Canadian Cyber Incident Response Centre (CCIRC) and Communications Security Establishment (CSE) to provide broad, contextually rich data to its corporate members which can be rendered into actionable intelligence. This helps companies stay on the cutting edge of the latest cyberattacks and vulnerabilities.

The more technology evolves, the more ways there are for cybercriminals to find their way inside networks through cyberespionage, phishing, and ransomware attacks.

That’s why the collaborative approach of the CCTX helps members assess how secure their systems are by informing members about what’s happening to other companies in Canada.

Not just stealing information

In the past, cybercriminals wanted to steal information, says Gordon, but now the trend is for them to deny information that’s important to you.

Even though many companies say they don’t have a lot to hide, he says everyone has something of value — such as billing records and client rosters — that could fall victim to a ransomware attack.

Gordon says one important measure to consider is dwell time — the length of time cybercriminals stay inside of networks. He says it can go up to 200 days or more, and breaches aren’t easy to come across.

“It can be like finding a needle in a haystack,” he says, of trying to find an intruder in your network. “But exchanging best practices can help reduce that time and stop damage.”

Strength in numbers

Gordon believes there is strength in numbers, as today’s cybercriminals have increased patience and sophistication when plotting their attacks.

“Besides,” he says, “the bad guys do a lot of collaboration among themselves.” We want to drive up the costs for the attackers.

That’s why he feels it’s necessary to have what he calls a “cyber-mature” understanding of collaboration among Canadian companies. In Gordon’s view, open dialogues create a more level playing field to work from and give a better understanding of how best to use people and processes to combat cybercrime.

“It’s no longer the case that you have to engage in a cybersecurity strategy alone,” says Gordon.