Igniting Action to Enhance Canada’s Cyber Resilience

John Weigelt

CTO, Microsoft Canada

@thumbtackhead

Think

Digital Canada 150

Canadian companies, large and small, will use digital tools to boost productivity, develop their businesses and capture growing markets at home and abroad.

Ninety-eight percent of businesses in

Canada have 1 to 99 employees.

As of 2012, there were just over 1.08 million small businesses in Canada

Cybercrime costs CDN economy up to $5.3 Billion

annually, report says

IT World Canada [2013]

How hackers allegedly stole

“unlimited”

amounts of cash from banks

in just a few hours

Ars Technica [2013]Ars Technica [2013]

Universities face a

rising barrage of cyberattacks

Malware burrows deep into

computer BIOS to escape AV

The Register [September 2011]

Researchers have discovered one of the

first pieces ever used in the wild that

modifies the software on the motherboard

of infected computers to ensure the

infection can’t be easily eradicated…

New York Times [2013]

Cyberattacks on the rise

against US corporations

Forget carjacking, soon it will

be carhacking

The Sydney Morning Herald [2013]

Rising cyber security risks to drivers as

their cars become increasingly powered

by and connected to computers have

prompted the US auto-safety regulator to

start a new office focusing on the threat…

Espionage malware

infects rafts of

governments,

industries around

the world

Ars Technica [2013]

A Changing Landscape

Breaches

A recent report published by Verizon found that 97 percent of investigated network breach incidents in 2012 could have been prevented by using simple or intermediate security controls

A Lockheed Martin official said "the firm is

“spending more time helping deal with attacks on

the supply chain” of partners, subcontractors and

suppliers than dealing with attacks directly against

the company. “For now, our defenses are strong

enough to counter the threat, and many attackers

know that, so they go after suppliers. But of

course they are always trying to develop new ways

to attack.”

- Washington Post “Confidential report lists U.S. weapons

system designs compromised by cyberspies”, May 27, 2013

Cyber Security Guidance

Where to start?

Simplify

Brown M&Ms?

• When was the last time you updated or exercised your cyber security plan?

• When did you last hold cybersecurity education & awareness training?

• When was the last time you had to change your password ?

• How many versions back is the software your organization uses?

Measure

What does normal look like?

http://www.publicdomainpictures.net/view-image.php?image=42717&large=1

Act

A little less conversation…

Scale

No organization left behind

Harness the Ecosystem

Pulling together

John Weigelt

johnwei@microsoft.com

thumbtackhead.com

@thumbtackhead