18 November 2024

Howe Street Reporter Title

The Critical Need for Robust Cybersecurity Measures: A Look at the Canadian Landscape


It has become abundantly clear that robust cybersecurity measures are not just desirable but fundamentally essential for maintaining economic stability and national security. These measures play an essential role not just for governments, but also for enterprise and the military.

The Government of Canada is a great example of a national entity that is taking considerable strides towards enhancing cybersecurity protocols. It recently announced its commitment to establishing a Canadian program for cybersecurity certification, with mandatory certification requirements being introduced into select federal defence contracts as early as winter 2024.

The initiative, steered by Public Services and Procurement Canada (PSPC) in partnership with National Defence and the Standards Council of Canada, aims to tackle the ever-increasing malicious cyber activities that target contractors and subcontractors in the defence industry. Engagement sessions with the defence industry and other stakeholders are scheduled to commence in late 2023.

But why is such a step necessary? A recent event that rocked the Canadian financial sector offers some insights. Mackenzie Investments, one of Canada’s largest investment firms, fell prey to a significant data breach. A third-party vendor, InvestorCOM Inc., was compromised, leading to the exposure of clients’ personal data, including social insurance numbers (SIN), names, addresses, and account numbers.

The incident highlighted the risks associated with sharing sensitive personal information like SINs with third-party vendors, a practice that some industry insiders believe could lead to more privacy breaches. The reality is, once a SIN is compromised, it will remain at risk indefinitely.

What’s at Stake?

According to IBM and Proxyrack data, Canada ranks third in the world for average data breach costs. In 2021, the average cost of a data breach in the country was a staggering US$5.4 million, a 20% increase from the previous year.

Ryan Berger, a partner at Lawson Lundell LLP, stressed the escalating risk during the discussion organized by the Canadian Legal Innovation Forum. “Management of this data and restricting access is an area requiring intensified focus,” Berger remarked. He indicated that organizations often overlook or underestimate the extent of the data they hold, leading to unwarranted exposures through employee misuse or ransomware attacks.

Data breaches aren’t exclusive to major corporations either. Small businesses, too, have found themselves in the crosshairs of cyberattacks. Unfortunately, many small businesses have been reactive rather than proactive in their cybersecurity approach, often believing that they aren’t likely targets. The truth is, no business is immune, and a failure to prioritize cybersecurity measures can have severe implications.

Several factors contribute to the high costs of cyber breaches. Remote working, which has seen a significant increase due to the COVID-19 pandemic, has expanded the number of endpoints that need to be managed, increasing the complexity of IT forensics and breach containment. Furthermore, businesses with less mature cybersecurity systems are at risk of amplified losses.

READ  Equitas Resources (EQT.V) producing, exploring, rinse, repeat

As we look forward, the demand for cyber insurance is likely to surge. However, it’s crucial to understand that insurance isn’t a substitute for robust cybersecurity defenses. Both businesses and governments need to proactively work towards increasing their cybersecurity maturity, implementing measures to identify and mitigate risks before they can cause harm.

As the seventh most targeted region for data breaches globally, Canada has a significant task ahead. But the planned cybersecurity certification program is a strong step towards building a more secure landscape for all stakeholders.

Recent data indicates that cybersecurity breaches can be financially devastating for businesses in Canada. An exemplary case is the breach experienced by Empire Co., the parent company of Sobeys, a grocery retailer, which cost the company a significant $54 million in profit in its most recent quarter, net of insurance recoveries. The breach led to temporary shutdowns of pharmacy operations and reduced sales, impacting the company’s profitability.

Empire Co., which operates Sobeys, Freshco, IGA, Farm Boy and Safeway and stands as the second largest grocery chain owner in Canada, also anticipates further financial repercussions from the November cybersecurity incident. A projected $32 million hit to net earnings is expected over fiscal 2023 and fiscal 2024, a sum that exceeds the company’s initial estimate of $25 million.

Digital business solutions provider Ricoh Canada noted that with increasing data comes the escalated risk of not managing data effectively. Prerna Pandey, cloud and IT infrastructure portfolio manager at Ricoh, emphasized the need for accuracy in preventing cybersecurity breaches. She also highlighted the availability of tools and software solutions for disaster recovery plans and for determining the source of a breach quickly.

Is our Infrastructure in Danger?

The risks associated with cybersecurity threats are indeed high when it comes to businesses, but it is especially concerning when it comes to critical infrastructure like natural gas distribution networks. This was brought to light with the recent revelation that Russian-backed hackers were successful in infiltrating Canada’s natural gas network, as indicated in a batch of leaked U.S. intelligence documents. However, cybersecurity experts have emphasized that gaining access to a network does not necessarily translate into the ability to cause disruption or damage.

Lesley Carhart, director of incident response for North America at the industrial cybersecurity company Dragos Inc., explains, “There’s a big disconnect between gaining access to a computer, in the industrial world, and knowing how to make it do physical things.” While criminal groups often gain access to industrial facilities, it doesn’t mean they possess the capability to initiate any substantial disruption or harm. In essence, gaining access is merely one part of the equation, while navigating the complex system and inducing physical impact is a much more challenging feat.

READ  Plurilock Security (PLUR.V) pulls in a $1.15 million dollar contract with the US Navy

The recent leak, however, has brought cybersecurity measures in North America’s oil and gas sector under renewed scrutiny. The Communications Security Establishment (CSE), responsible for Canadian foreign intelligence gathering and cybersecurity, stated that while it does not comment on specific incidents, it is “concerned about the opportunities for critical infrastructure disruption” on internet-connected technology.

Keeping a Lid on It

Plurilock Security Inc. (PLUR.V), a pioneer in identity-centric cybersecurity solutions, is making significant strides in the realm of cybersecurity. The company reported a significant increase in its Q1 2023 revenues and a considerable decrease in net losses year over year, underscoring the strength of its business model. It’s noted that the company’s total revenue more than doubled to $15,767,328, attributed to strategic acquisitions, increased organic sales, and efficient cross-selling within the Solutions and Technology Division.

Plurilock stands out with its customer-centric approach, leveraging cutting-edge behavioral biometric technologies and top-tier cybersecurity tools. These tools ensure the security of many enterprises and have been acknowledged across industries, helping Plurilock to secure larger enterprise and government customers. The company’s deep understanding of regional and global cybersecurity challenges, combined with their innovative solutions, provides them with a strong competitive advantage.

The robust financial performance and strategic moves in Q1 2023 indicate that Plurilock is well-positioned to continue its growth trajectory. The Vancouver-based company’s suite of cutting-edge cybersecurity solutions, strong financial position, and expanding customer base are testaments to its potential. With its impressive performance and robust cybersecurity solutions, Plurilock is poised to redefine industry standards while delivering value to its stakeholders.

Plurilock was founded in 2016 based on pioneering academic research that developed a novel technique for authenticating a person’s identity using behavioral biometrics. This technique brought radical benefits over traditional biometric technologies and applied this new science to the movements involved in mouse and keyboard activity. The company has since evolved to boast a world-class senior team with decades of B2B, technology, and startup expertise.

Most recently, Plurilock announced a sales order for its flagship software platform, ‘Plurilock AI,’ with an overseas utility infrastructure developer. The software, which includes Single Sign-On, Access Control Management, Password Policy, and Self-Password Reset, demonstrates the company’s commitment to expanding its sales pipeline across different key industries. Plurilock’s persistent identity assurance with unmatched ease of use makes it a critical player in today’s cybersecurity landscape.

To help fuel itself forward, Plurilock announced today that it had arranged a non-brokered private placement of up to 5.34 million units of the company at a price of $0.145 per unit for gross proceeds of up to $773,997 CAD.

READ  Globex Mining (GMX.T) – a new acquisition, recent revenue generating headlines, notes from a chat with the CEO

Each unit will consist of one common share in the capital of the company and one common share purchase warrant. Each warrant entitles the holder to purchase one common share at a price of $0.20 per warrant for a period of 48 months from the date of closing.

In addition to the previously described financing, the company also plans to complete a concurrent private placement of up to 3.1 million units for aggregate proceeds of up to approximately $450,000. The placement units will be subject to a customary four-month hold period.

Proceeds from both these financings are intended for corporate purposes and market awareness campaigns.

Adding to its string of achievements, Plurilock Security Inc. recently announced that it had received a sale order for its flagship software platform, Plurilock AI, from an overseas health care administrative services provider. This customer, who has an expansive reach with over 500 locations across 29 states, provides third-party administration in health care services.

The contract entails that the customer will license the cloud security functionality of the Plurilock AI platform, offering a suite of tools that include single sign-on, access control management, password policy, and self-password reset. These features are critical to maintaining the integrity of sensitive data, especially in a field as crucial and confidential as health care.

Ian L. Paterson, the Chief Executive Officer of Plurilock, expressed satisfaction with this new development, saying, “We are pleased to announce a new sale order for our high-margin software platform.” He underscored that this latest sale order demonstrates Plurilock’s continuous efforts to expand its global sales pipeline, a strategy that is proving successful as the company makes strides in its mission to strengthen cybersecurity measures in industries that require robust defenses.

With this latest sale order, Plurilock further solidifies its reputation as a global player in the cybersecurity landscape. It demonstrates not just the appeal and effectiveness of their AI platform, but also the company’s commitment to identifying and providing solutions for new customers around the world that are in dire need of strong cyber defenses. As cybersecurity challenges continue to escalate in scale and complexity, Plurilock is poised to provide innovative solutions that address these pressing concerns.

In Conclusion

Given the constant evolution and sophistication of cyber threats, preparing for a data breach is not just prudent, it’s essential. It’s time for all entities – government, enterprise, and the military – to bolster their cybersecurity measures and build a digital landscape that’s secure, resilient, and trustworthy.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *