Heather-Anne MacLean, TaylorMade Solutions

Blue Spurs and the Internet of Things Case Study

[Editor’s Note: This post previously appeared on the CyberNB blog]

We all interact with the Internet of Things (IoT) every day. Our kids interact with the IoT every day. Everything from our mobile phones to our smartwatches to the devices used to heat and cool our homes are connected to the IoT.

Despite connecting with it every day, many of us still don’t really know what it is.

Like cybersecurity, the IoT is one of the fastest-growing sectors of our economy. To put it in perspective, Ericsson has predicted that there will be 28 billion internet-connected devices by 2021. IoT is a natural tie-in with cybersecurity which makes this case study and interesting connection to educating our students and growing the talent pipeline.

Most importantly, it’s essential for our students to learn about IoT and the job possibilities it brings. To help students learn about its full potential Canadian-based Blue Spurs has created the Blue Kit, a creative, low-code product that teaches students about IoT.

For a complete look at Blue Spurs and how this award-winning Blue Kit evolved download the case study.

 

The Sunday Brief heatherannemaclean.wordpress.com

The Sunday Brief for Sunday August 20, 2017

For this Sunday Brief I am focusing on the top blogs I enjoyed about privacy. As this is a growing issue, all MarComm Practitioners and business owners should be placing more priority on privacy. In fact, in the industry we say that you should be baking-in privacy planning (as well as cybersecurity) from the very beginning. So, with that in mind, let’s check out the latest Sunday Brief:

Dark Reading

This blog always has insightful information. This time, I am focusing on a post by Kelly Sheridan. The post is entitled 50% of Ex-Employees Can Still Access Corporate Apps. From a privacy and security perspective, this is a disaster waiting to happen. As Sheridan points out, the value of data is significant and the probability of a data breach is much higher when you fail to do one of the number one – and easiest things – to protect your client data – disable access. This is a great read and a ‘must-do’ practice for all organizations.

 IT Security Guru

I find this article really fascinating. I work hard to keep my work and personal lives separate. I have always maintained two phones – one for my personal “stuff” and one exclusively for my work. So, when I saw “Employees rate mobile privacy highly, as less than half prefer to keep work and personal lives separate,” I was somewhat surprised that less than half want to keep their personal lives separate and distinct from their work lives. This blog post was written by Dan Raywood.

Interestingly enough more than 84 per cent of employees rate privacy as a top three concern. However, there is a clear lack of trust in the ability of their employer to manage their mobile security and privacy. That is pretty significant.

This is article is very interesting to me in terms of the lack of trust that exists and secondly that so many people aren’t concerned about keeping their private lives separate from their employers. The two concepts don’t seem to align.

BH Consulting 

This particular entitled Doing privacy ‘rights’ vs doing privacy ‘right’ by Valerie Lyons gives an interesting look at privacy and different roles that individuals, government industry play.

 

All three blogs are a great read. I encourage you to check them out if you are interested in privacy-related topics. And if you are looking for MarComm support for your organization, reach out to us at TaylorMade Solutions.

 

cybersecurity, bell

Three Cybersecurity Lessons from the Internet Outage in Eastern Canada

If you were in Eastern Canada or trying to connect with someone in the region for work or pleasure on August 4th, you might not have succeeded for a period of three hours or so. While this event was NOT tied to a cybersecurity breech or issue, there are three cybersecurity lessons that we can learn from the Internet Outage in Eastern Canada.

One service provider, Bell, confirmed this week that it was a perfect storm of the work of construction crews -unrelated to Bell’s operations – not checking for cables prior to digging that resulted in service to internet, mobile and landlines being impacted. This outage also impacted emergency services in much of Atlantic Canada. (Another good reminder for construction crews to call before you dig.) Bell’s customers were not the only ones affected. Telus, Koodo and Virgin customers also had interrupted services. Thankfully they took action quickly and remedied the situation as quickly as possible.

So, other than an extreme inconvenience to customers, there are some observations we can make from this experience. This outage can really help people think what would happen if there was a major cybersecurity attack in Canada. This is something good to come out of this outage – getting people thinking about what-if scenarios.

1.  Our Economy Depends on the Internet

I feel like this should be a no brainer, but at the same time I do want to reinforce this thought. We typically have such reliable internet services that we don’t give it a second thought. If anything, this outage should have really pounded home the fact that a cyberattack could not only have the same affect, but the likely hood that it would only last a few hours, is slim to nil. The affects would be long-lasting.

This outage impacted not just consumers of these service providers, but businesses in general. If your business relies on the internet for online sales or providing support services, your customers, regardless of where they are located were not able to purchase your products or services for hours. They also were not able to get online support services from you. If they went old school and tried to call you, they were also out of luck. In some cases, this might be enough for potential customers to go to your competitors.

What if you were delivering online training to customers around the globe on that fateful Friday? People who had paid and signed up weeks prior were then either dumped from the online course and/or could not sign-in.

Finally, this was a long weekend in Canada. Imagine people travelling and wanting to make last minute hotel accommodations. What happens when they can’t get through to you? Or, what happens when their car breaks down on a highway somewhere and they can’t use their phone for hours to call for help? This was the middle of summer and warm. What would happen if this was the middle of January in Eastern Canada?

These are all very real scenarios that could happen as a result of a cybersecurity attack.

2. Our Safety Depends on a Safe and Resilient Internet

I am fairly certain there were people who dialled 911 or other emergency service numbers on the 4th that were quite alarmed when they could not actually reach help. Whether it is hours or minutes, time matters in an emergency!

3. Security and Privacy, Backup Systems and Processes Must be Baked-In at the Beginning of all Systems

We must never underestimate security, privacy, backup systems and processes being what we call “baked-in” at the beginning of any system development. All new systems must be created with these critical elements a part of the planning, development and execution process.

It is critical to note that this has not always been the case. It’s not that it was left out intentionally, but older systems could have been built at a time when cybersecurity breaches were not the reality. That being said, it is very much our reality now. As a result, all businesses and governments must now revisit and update their systems to ensure that these critical elements are baked-in going forward.

Eastern Canada has been fortunate to have good systems in place run by leading companies. This outage however, was definitely – or should definitely be – a wake-up call for us all to revisit cybersecurity measures to ensure that we protect our citizens and our economy. After all, we need a safe and resilient internet in order to operate our businesses, our emergency services and live life the way we have all become accustomed too.

Cybersecurity is a critical issue that we all face now. If you are interested in learning more about communications protocols around cybersecurity and privacy breeches, get in touch with us.

cybersecurity, cyber security

Four Reasons You Should Have Cybersecurity Insurance

Do you have insurance on your house? Of course you do. So, the question is why wouldn’t you protect your business – your source of income – the same way you protect your home? Cybersecurity insurance won’t stop a breach. It will, however, help raise awareness and cover damages, should you be attacked.

Small or medium-sized business owners should check out these four reasons to have cybersecurity insurance.

GENERAL LIABILITY INSURANCE DOES NOT TYPICALLY COVER CYBERSECURITY ISSUES

Data breaches and other cybersecurity issues such as ransom are not typically covered in general liability insurance policies. It’s essential to understand what is, and what is not, covered in your policy.

COST OF A BREACH IS MORE THAN YOU THINK

The damage caused by a data breach will exceed the cost required to overhaul security procedures or replace lost or stolen laptops. Many business owners and managers fail to consider the costs over and above replacing tangible assets.

For example, the financial impact on corporate reputation could be devastating. Reputation costs range; it could be a few thousand dollars to build new processes and policies to reassure customers it won’t happen again. On a larger scale, it can result in stock prices dropping significantly. In worse case scenarios, approximately 60% of small businesses will cease operations within six months of a breach according to the U.S. National Cybersecurity Alliance.

A final cost consideration is the penalties rendered as a result of a data breach. Canada, like most jurisdictions, continues to modify its privacy regulations. It is anticipated that sometime this year, regulations requiring notifications of data breaches will be implemented in Canada. Fines of up to $100,000.00 could be issued.

YOU ARE STILL RESPONSIBLE FOR DATA PROTECTION EVEN IF YOU OUTSOURCE YOUR IT HOSTING OR USE THE CLOUD

Business owners and managers often fail to understand this important nuance. Just because you outsource IT, have another party host your data or use the cloud, does not remove your responsibility to protect personal data. You have collected the data, therefore, by law you hold the responsibility to protect it.

YOU PROBABLY DON’T HAVE A RISK MANAGEMENT TEAM

Risk management teams are reserved for larger organizations. They have bigger budgets and access to more resources for their overall operations. They look for, and assess, all types of risks, not just cybersecurity or data risks.

Smaller businesses have neither the budget nor the ability to have full-time risk management teams. Insurance providers typically have checklists or a minimum set of standards to follow for coverage. This is very similar to home insurance. If your insurance company recommends a new roof for example, and you don’t comply, don’t expect coverage if you have a major leak.

Cyber insurance is continuing to evolve as cybersecurity issues emerge. The one thing for sure, however, is that cybersecurity insurance can help protect your operation, your employees’ source of income and your client’s data.

Want to learn more about cybersecurity communications? Contact us at TaylorMade Solutions .

This blog post was previously posted on the CyberNB blog.