Skip to content

Intel’s Security Flaw Puts Spotlight on Security by Design

Intel, Heather-Anne MacLean

Well, 2018 is starting off with a significant cybersecurity and privacy hit. Intel Corporation just confirmed Wednesday of this week that flaws in the Intel processor could leave computers – around the world – open to vulnerabilities. As the largest chipmaker in the world, computers – and not just PCs – are now exposed, and this quite frankly puts a spotlight on security by design.

Security by design is something that consumers should be concerned about. We should demand it actually. But, what is security by design? Using a simple definition from TechTarget, it is “an approach to software and hardware development that seeks to make systems as free of vulnerabilities and impervious to attack as possible through such measures as continuous testing, authentication safeguards and adherence to best programming practices.” In addition to security by design, privacy by design should also be included and with the previous definition, privacy by design should be pretty easy to figure out.

Security and privacy by design are two minimum standards that consumers should be asking about and confirming that they are being fully implemented by the companies from whom they purchase products. After all, once a consumer is compromised the level of damage can range from embarrassing to fully destroying one’s life. For example, it could be someone getting access to your social media and taking it over and posting pornography. Or, it could be someone getting access to all your credit card information and then using the information to spoof you and to get many more credit cards in your name and thus ruining your credit and leaving you with thousands or tens of thousands of dollars of debt. It can also mean someone getting access to all your personal information, including all your health records and in addition to getting credit cards in your name, posting all your medical history online and on your own social media for the whole world to see.

Security and privacy by design are not new. People have been talking about these principles for years; but the kicker is that there is no legislated requirement to ensure that companies adopt these principles and build them into their standards and operations.

This Intel discovery should really be a warning and wake-up call globally. With Artificial Intelligence (AI) and the Internet of Things (IoT) becoming more and more entrenched in our daily lives, security by design and privacy by design must become the standard and be baked-in at the start of the design process rather than just emerging after an “oops” discovery.

For those that don’t think that IoT is in their lives, think again. Do you have a mobile phone? How about a computer at home? Did you get a fancy new fridge for Christmas that can tell you when you are running low on milk? Or, how about the latest craze in home assistants such as Alexa or Google Home – perhaps this was a new addition to your life? If you said yes to any of these, then you should definitely care about security by design and privacy by design.

So, once you have updated your computers with the patches sent out from your computer provider, let’s use the Intel incident to collectively start asking, no demanding, that all software and hardware providers implement – immediately – security and privacy by demand principles, protocols and standards! If consumers stand up for their rights and only support companies that adopt security and privacy by design, this will cause all companies to follow suit. Better yet, let’s legislate it and have severe penalties in place for those that don’t comply.

Want to learn more about how security and privacy by design impacts your marketing and communications? Connect with us.

Advertisements

The Unintended Consequences of Security Cameras: Children’s Privacy Breached

Privacy, TaylorMade Solutions

These days we can expect to be “on-camera” and recorded in most public places we frequent. Despite the fact that most of us don’t think twice about this, there are significant untended privacy consequences of security cameras that we should be very, very concerned about.

First and foremost there are at least five questions we should be asking:

  1. “Who” is actually recording/watching us?
  2. What are they recording/watching us for?
  3. How long are they retaining this information?
  4. Can they “legally” record us?
  5. And finally and perhaps the most concerning, “Are they live streaming?”

This final question really rose to the top of the list just last month.  Parents and school administrators were somewhat shocked to discover that a school in Cape Breton, Nova Scotia was “LIVE” streaming live video of kids in various school locations. Of course the intention was not to live stream, but unfortunately inadequate protocols where in place and this meant that firewalls were not in place. The result, images of kids were able to be live streamed for months.

In fact, the images had been live streaming for some time. Equally disturbing is the message that was displayed with the video. “Change Password” is clearly shown with the date and time of the video. The risk here of course was that some bad actor or actors could have taken control of the video system. Equally disturbing was the fact that inn some cases, the camera position and the ability to zoom could have been accessed and actually changed.

As a parent, you would have obvious concerns with this. School administrators would have these  same concerns, but you need to add the liability issues. And then the question is, who if anyone, is liable? And, should they be?

As someone who advocates for privacy, I have a whole host of concerns with video surveillance. They really are those questions I list above. We do have a right to know these things. Of course, there are very legitimate reasons for security surveillance. And please don’t get me wrong, I think that in the right circumstances, video surveillance is not only a necessity, but it is critical.

However, let’s break down some my questions above in a little more detail:

1. Who is recording us?

It’s true that we are being recored more than we think. In public spaces there should be an expectation that there could be some sort of video surveillance. This surveillance however, is meant to be a deterrent against crime or other less than other desired behaviour. For example, I am sitting in a coffee shot right now and I decided to take a quick look around and sure enough, there are two surveillance cameras that I can spot. They aren’t actively pointed at the seating area, but rather the cash and the access to the back room.

The key to this are the words “public spaces.” Street corners are public spaces. Shopping Mall hallways are public spaces. Schools may not fit the traditional definition of public spaces. While a public space, a school is not open for any random strange to enter and wonder through. Additionally, public but private spaces such as lorckerrooms, change rooms or washrooms are not truly public spaces.

An additional layer of complication is when children are involved. In these cases there does need to be extra precautions. There are many legal requirements when it comes to capturing images of children and how you use those images. In my business, I will not use a photo of a child, unless I have written confirmation from the parent(s) that I can. Live streaming children does not pass the smell test. In other words, if you are live stream children, make sure you have your legal requirements covered and most importantly protect the identity of the children!

2. What are they using this information for?  

Remember that when using surveillance cameras, the information collected should be done in such way that the minimum amount of information is captured.For example, there is an expectation in change rooms and washrooms that there would be no cameras. If using cameras for security at a banking machine for example, the camera should not capture images of people walking by on the street outside the bank.

Additionally important is the capturing of audio. This is yet another level of detail that impacts privacy. Capturing images is one thing, but capturing conversations is a real intrusion upon one’s privacy. Live streaming it takes it to a whole other level of violation of privacy.

People have a right to know that they are being recorded and signs should be posted. You see this in airports for example.

3. How long is the data kept?

As stated previously, if surveillance is recorded, the information captured should be such that it is not capturing more intelligence than what is needed. Additionally, keeping this information is not something that is meant to be indefinite. Organizations must look at retention schedules. These of course can vary, so it is important to set realistic timelines and to properly delete the files.

Laws do change over time and what you may be able to now, you might not be able to in the future. There is definitely a need to balance the rights of privacy of individuals while also collecting data that is needed to protect citizens. If you are using surveillance cameras, be sure to check with the applicable legislative and legal bodies for your region.

Want to learn more about privacy and how it impacts your marketing and communications? Connect with us.

Blue Spurs and the Internet of Things Case Study

Heather-Anne MacLean, TaylorMade Solutions

[Editor’s Note: This post previously appeared on the CyberNB blog]

We all interact with the Internet of Things (IoT) every day. Our kids interact with the IoT every day. Everything from our mobile phones to our smartwatches to the devices used to heat and cool our homes are connected to the IoT.

Despite connecting with it every day, many of us still don’t really know what it is.

Like cybersecurity, the IoT is one of the fastest-growing sectors of our economy. To put it in perspective, Ericsson has predicted that there will be 28 billion internet-connected devices by 2021. IoT is a natural tie-in with cybersecurity which makes this case study and interesting connection to educating our students and growing the talent pipeline.

Most importantly, it’s essential for our students to learn about IoT and the job possibilities it brings. To help students learn about its full potential Canadian-based Blue Spurs has created the Blue Kit, a creative, low-code product that teaches students about IoT.

For a complete look at Blue Spurs and how this award-winning Blue Kit evolved download the case study.

 

The Sunday Brief for Sunday August 20, 2017

The Sunday Brief heatherannemaclean.wordpress.com

For this Sunday Brief I am focusing on the top blogs I enjoyed about privacy. As this is a growing issue, all MarComm Practitioners and business owners should be placing more priority on privacy. In fact, in the industry we say that you should be baking-in privacy planning (as well as cybersecurity) from the very beginning. So, with that in mind, let’s check out the latest Sunday Brief:

Dark Reading

This blog always has insightful information. This time, I am focusing on a post by Kelly Sheridan. The post is entitled 50% of Ex-Employees Can Still Access Corporate Apps. From a privacy and security perspective, this is a disaster waiting to happen. As Sheridan points out, the value of data is significant and the probability of a data breach is much higher when you fail to do one of the number one – and easiest things – to protect your client data – disable access. This is a great read and a ‘must-do’ practice for all organizations.

 IT Security Guru

I find this article really fascinating. I work hard to keep my work and personal lives separate. I have always maintained two phones – one for my personal “stuff” and one exclusively for my work. So, when I saw “Employees rate mobile privacy highly, as less than half prefer to keep work and personal lives separate,” I was somewhat surprised that less than half want to keep their personal lives separate and distinct from their work lives. This blog post was written by Dan Raywood.

Interestingly enough more than 84 per cent of employees rate privacy as a top three concern. However, there is a clear lack of trust in the ability of their employer to manage their mobile security and privacy. That is pretty significant.

This is article is very interesting to me in terms of the lack of trust that exists and secondly that so many people aren’t concerned about keeping their private lives separate from their employers. The two concepts don’t seem to align.

BH Consulting 

This particular entitled Doing privacy ‘rights’ vs doing privacy ‘right’ by Valerie Lyons gives an interesting look at privacy and different roles that individuals, government industry play.

 

All three blogs are a great read. I encourage you to check them out if you are interested in privacy-related topics. And if you are looking for MarComm support for your organization, reach out to us at TaylorMade Solutions.

 

Three Cybersecurity Lessons from the Internet Outage in Eastern Canada

cybersecurity, bell

If you were in Eastern Canada or trying to connect with someone in the region for work or pleasure on August 4th, you might not have succeeded for a period of three hours or so. While this event was NOT tied to a cybersecurity breech or issue, there are three cybersecurity lessons that we can learn from the Internet Outage in Eastern Canada.

One service provider, Bell, confirmed this week that it was a perfect storm of the work of construction crews -unrelated to Bell’s operations – not checking for cables prior to digging that resulted in service to internet, mobile and landlines being impacted. This outage also impacted emergency services in much of Atlantic Canada. (Another good reminder for construction crews to call before you dig.) Bell’s customers were not the only ones affected. Telus, Koodo and Virgin customers also had interrupted services. Thankfully they took action quickly and remedied the situation as quickly as possible.

So, other than an extreme inconvenience to customers, there are some observations we can make from this experience. This outage can really help people think what would happen if there was a major cybersecurity attack in Canada. This is something good to come out of this outage – getting people thinking about what-if scenarios.

1.  Our Economy Depends on the Internet

I feel like this should be a no brainer, but at the same time I do want to reinforce this thought. We typically have such reliable internet services that we don’t give it a second thought. If anything, this outage should have really pounded home the fact that a cyberattack could not only have the same affect, but the likely hood that it would only last a few hours, is slim to nil. The affects would be long-lasting.

This outage impacted not just consumers of these service providers, but businesses in general. If your business relies on the internet for online sales or providing support services, your customers, regardless of where they are located were not able to purchase your products or services for hours. They also were not able to get online support services from you. If they went old school and tried to call you, they were also out of luck. In some cases, this might be enough for potential customers to go to your competitors.

What if you were delivering online training to customers around the globe on that fateful Friday? People who had paid and signed up weeks prior were then either dumped from the online course and/or could not sign-in.

Finally, this was a long weekend in Canada. Imagine people travelling and wanting to make last minute hotel accommodations. What happens when they can’t get through to you? Or, what happens when their car breaks down on a highway somewhere and they can’t use their phone for hours to call for help? This was the middle of summer and warm. What would happen if this was the middle of January in Eastern Canada?

These are all very real scenarios that could happen as a result of a cybersecurity attack.

2. Our Safety Depends on a Safe and Resilient Internet

I am fairly certain there were people who dialled 911 or other emergency service numbers on the 4th that were quite alarmed when they could not actually reach help. Whether it is hours or minutes, time matters in an emergency!

3. Security and Privacy, Backup Systems and Processes Must be Baked-In at the Beginning of all Systems

We must never underestimate security, privacy, backup systems and processes being what we call “baked-in” at the beginning of any system development. All new systems must be created with these critical elements a part of the planning, development and execution process.

It is critical to note that this has not always been the case. It’s not that it was left out intentionally, but older systems could have been built at a time when cybersecurity breaches were not the reality. That being said, it is very much our reality now. As a result, all businesses and governments must now revisit and update their systems to ensure that these critical elements are baked-in going forward.

Eastern Canada has been fortunate to have good systems in place run by leading companies. This outage however, was definitely – or should definitely be – a wake-up call for us all to revisit cybersecurity measures to ensure that we protect our citizens and our economy. After all, we need a safe and resilient internet in order to operate our businesses, our emergency services and live life the way we have all become accustomed too.

Cybersecurity is a critical issue that we all face now. If you are interested in learning more about communications protocols around cybersecurity and privacy breeches, get in touch with us.

Four Reasons You Should Have Cybersecurity Insurance

cybersecurity, cyber security

Do you have insurance on your house? Of course you do. So, the question is why wouldn’t you protect your business – your source of income – the same way you protect your home? Cybersecurity insurance won’t stop a breach. It will, however, help raise awareness and cover damages, should you be attacked.

Small or medium-sized business owners should check out these four reasons to have cybersecurity insurance.

GENERAL LIABILITY INSURANCE DOES NOT TYPICALLY COVER CYBERSECURITY ISSUES

Data breaches and other cybersecurity issues such as ransom are not typically covered in general liability insurance policies. It’s essential to understand what is, and what is not, covered in your policy.

COST OF A BREACH IS MORE THAN YOU THINK

The damage caused by a data breach will exceed the cost required to overhaul security procedures or replace lost or stolen laptops. Many business owners and managers fail to consider the costs over and above replacing tangible assets.

For example, the financial impact on corporate reputation could be devastating. Reputation costs range; it could be a few thousand dollars to build new processes and policies to reassure customers it won’t happen again. On a larger scale, it can result in stock prices dropping significantly. In worse case scenarios, approximately 60% of small businesses will cease operations within six months of a breach according to the U.S. National Cybersecurity Alliance.

A final cost consideration is the penalties rendered as a result of a data breach. Canada, like most jurisdictions, continues to modify its privacy regulations. It is anticipated that sometime this year, regulations requiring notifications of data breaches will be implemented in Canada. Fines of up to $100,000.00 could be issued.

YOU ARE STILL RESPONSIBLE FOR DATA PROTECTION EVEN IF YOU OUTSOURCE YOUR IT HOSTING OR USE THE CLOUD

Business owners and managers often fail to understand this important nuance. Just because you outsource IT, have another party host your data or use the cloud, does not remove your responsibility to protect personal data. You have collected the data, therefore, by law you hold the responsibility to protect it.

YOU PROBABLY DON’T HAVE A RISK MANAGEMENT TEAM

Risk management teams are reserved for larger organizations. They have bigger budgets and access to more resources for their overall operations. They look for, and assess, all types of risks, not just cybersecurity or data risks.

Smaller businesses have neither the budget nor the ability to have full-time risk management teams. Insurance providers typically have checklists or a minimum set of standards to follow for coverage. This is very similar to home insurance. If your insurance company recommends a new roof for example, and you don’t comply, don’t expect coverage if you have a major leak.

Cyber insurance is continuing to evolve as cybersecurity issues emerge. The one thing for sure, however, is that cybersecurity insurance can help protect your operation, your employees’ source of income and your client’s data.

Want to learn more about cybersecurity communications? Contact us at TaylorMade Solutions .

This blog post was previously posted on the CyberNB blog.

What Your Business Doesn’t Know About Cybercrime Will Hurt You

cybersecurity, cyber security, Heather-Anne MacLean

Cybercrime isn’t going away. In fact, it continues to grow. Cybersecurity Ventures predicts that cybercrime will cost the world in excess of $6 trillion annually by 2021. If that number doesn’t alarm you, the fact that 43% of attacks are focused on small business, and that 60% of small businesses attacked go out of business within six months, should.

In April, the Canadian Chamber of Commerce issued a report entitled: Cyber Security in Canada: Practical Solutions to a Growing Problem. This extensive report provides insight on the current cyber landscape, including business costs and business losses due to cybercrime. It also provides information on the growing role of cybersecurity insurance in protecting businesses. It also offers results from their important and timely research detailing significant gaps in five key areas. (Recommendations from the report are below):

  1. Technology;
  2. Public Relations;
  3. General Awareness;
  4. Legislative Requirements; and
  5. Insurance

This report is particularly interesting for small and medium enterprises (SMEs) because of the statistics above. “All companies are targets for cyberattack, and specific solutions change daily. Yet in many companies, there is a lack of ability to recognize these breaches. Today’s attacks are about the data, not the company or person, and they are designed to be invisible.

SMEs continue to believe risk does not apply to them because they believe criminals are targeting large enterprises. While this was certainly the case for a number of years, a shift that emerged beginning in 2013. Especially relevant and noted by Symantec in 2015, was 43% of Small Businesses were the focus of spear-phishing attacks versus 35% of large businesses.

One of the most significant and famous breaches–the Target attack–occurred as a result of a small business. It was an HVAC company working with the retail giant, which consequently had week security. A part of Target’s supply chain, they were ultimately breached and most probably unaware. This meant that criminals were able to breach Target. Three years later reports in the media detail how Target has agreed to pay $18.5 million to settle claims by 47 states and the District of Columbia. This is over and above the total cost of the data breach being $202 million. And what happened to the HVAC company? It went out of business.

Consequently, the Canadian Chamber of Commerce acknowledges in its report, SMEs know they have to do more. With 98 percent of Canada’s economy comprised of SMEs, taking steps to obtain cybersecurity certification, cybersecurity insurance, and more is not something that can be postponed any longer. “For most companies, data is now their most valuable asset. Our goal is to point business in the direction of finding a common sense approach to risk management to protect those assets,” notes Scott Smith, Director, Intellectual Property & Innovation Policy, Canadian Chamber of Commerce.

Recommendations

The Canadian Chamber of Commerce provides nine specific recommendations in this report that merit review and understanding to help mitigate cybercrime.

  1. Government cannot protect everything, but it does have pivotal responsibilities
  2. We need an outcome-based, systemic/cohesive approach and common model of understanding
  3. Develop a “Secure Canada” Approach
  4. Develop a National Cyber Policy Framework
  5. Adopt an Enterprise Risk Management Approach and Collaborate
  6. Increase Canadians’ Cyber Savviness
  7. Government endorsement and support for the deployment of Industry Certification
  8. Incentivize Security Innovations
  9. Both government and industry need to take a proactive approach to the inevitability of Quantum and develop a Quantum-ready Strategy.

For more information download Cyber Security in Canada: Practical Solutions to a Growing Problem.

This post previously appeared on the CyberNB Blog.

5 Things You Probably Didn’t Know About the Irish or Saint Patrick’s Day

TaylorMade Solutions (Canada)

Did you know that New Brunswick’s oldest City – Saint John – is known for its strong Irish roots and history? And for those ready to celebrate Saint Patrick’s Day, we thought we would share a few interesting tidbits with you. If you have more to add to the list, let us know!

1. According to The Irish Story, more than 150,000 immigrants flooded to Saint John between 1815 and 1867. That’s 150,000 people!

2. Following the Great Fire which levelled much of the city’s central peninsula on June 20th, 1877, Saint John was rebuilt almost exclusively by Irish labour.

3. St. Patrick wasn’t Irish and he wasn’t born in Ireland. Patrick’s parents were Roman citizens living in modern-day England, or more precisely in Scotland or Wales (scholars cannot agree on which). He was born in 385 AD. By that time, most Romans were Christians and the Christian religion was spreading rapidly across Europe.

4.The original colour associated with St. Patrick is blue, not green as commonly believed. In several artworks depicting the saint, he is shown wearing blue vestments. King Henry VIII used the Irish harp in gold on a blue flag to represent the country. Since that time, and possibly before, blue has been a popular colour to represent the country on flags, coats-of-arms, and even sports jerseys.

Green was associated with the country later, presumably because of the greenness of the countryside, which is so because Ireland receives plentiful rainfall. Today, the country is also referred to as the “Emerald Isle.”  

5. Corned beef and cabbage, a traditional Saint Patrick’s Day staple, doesn’t have anything to do with the grain corn. Instead, it’s a nod to the large grains of salt that were historically used to cure meats, which were also known as “corns.”

Now of course, this post is just for fun. If you are looking for help with your Marketing and Communications strategy, and specifically to be cybersecurity communications preparedness, connect with us. We can help.

How to Spot a Bad Social Media Practitioner

social media, TaylorMade Solutions

I had one of those moments this morning.

You know that exact moment when someone says something, or you read something and your jaw just drops. You can’t believe what you are hearing or reading! Thankfully I was alone when I had this reaction. Not a flattering look I am sure.  And, on top of that, I had some commentary that just slipped out without my filter being turned on. So what made me react this way? No, it was not travesty or injustice for human-kind. I am grateful for that. No, it was more related to my profession, and specifically using social media to communicate and market your product, service or region. So, this inspired me to write this post: How to Spot a Bad Social Media Practitioner.Social Media

Now, let me start by saying that I am sure that the person in question was only doing his job. I am sure that he has processes, procedures and protocols in place. Despite this however, what he was recommending went against everything I believe in, when it comes to communications. His recommendation to people – business people- was to use it in the same manner that people used advertising 15 years ago. It was all about push communications and not REAL communications. Needless to say, the end results, I suspect, will not net the results expected.

So, let;s turn around a negative and look at 5 ways to help you select a marketing/communications practitioner who can actually help you:

1.  Resist the Urge to hire the Person or Company Who Claims to be a Social Media Expert.

Like Malcolm Gladwell said, it takes at least 10,000 hours to become a master. Very few people consider themselves masters in social media, including me – despite having 10,000+ hours into it. Why? The answer is simple, there is more to using social media than meets the eye. Practitioners like myself know that there are many layers to doing it well. Each scenario is different and we have to draw upon many levels and years of experience to make it work.

2. Avoid a Person or persons Who Only Focus on Social Media

This is a recipe for disaster. Social media is not an means to an end. No, social media is tool in the toolkit. However, to effectively use that tool you need an overall integrated marketing/communications plan. Everything must work together to reach an overall goal and objectives that all align to your overall corporate objectives. That is why it is very important to hire either a full-time resource and/or consultant who understands that social media is not a stand-alone. Social media must be part of the larger integrated strategy.

3. Hire Based On Experience/Strategic Abilities – Not Age

I have written about this before. While I fully support hiring new graduates, you shouldn’t expect a new graduate to know how to develop strategies tied to business objectives. Remember, and this is very important, using social media for personal purposes is very, very different than using it for business purposes. If you want to build a quality team, hire a seasoned professional and then let that person build his or her team, which will likely include new graduates.

4. It’s Not About You! Remember That

More than a decade into social media and inbound marketing, I still encounter so many companies that only want to talk about themselves, who they are and what they do. Research, company case studies and results continue to indicate that customers and potential customers don’t really care about hearing about your awards, what your team did last weekend, etc. Your clients/customers and prospects want to be educated. They want to know that if they work with you, they will be getting value for their money and getting benefits from the relationship.

Your marketing, including your social media should not be about you. It should be about your clients/customers and prospects. And, with that in mind, you should be using the channels where they are, not where you want to be. Finally, communicate and engage with them. Your social media resource, whether full-time or a consultant should be encouraging you to engage, not just push messages.

5. Last But Certainly Not Least: Remember Your Audience

Based on all the above, you should always be focused on your audience. Who are you ultimately are you trying to influence? Your marketing resource should always be focused on your audience and doing what is right to reach the audience. A person with real expertise will always want you to focus on your audience. He or she will recommend that you have a persona exercise which will identify who your primary and secondary audiences are. Then you will know what channels to use to reach them and what tools to use  – from online, to traditional to web and everything in between when and where applicable.

For many of us who have been working with individuals and companies for years to build solid integrated marketing/communication strategies that include social and digital media strategies, I have to confess that we should be beyond discussing the need for implementing the basics, but we just aren’t there yet. However, when I work with clients who take the plunge and do a full integrated marketing strategy and start seeing the results, I get as excited as they do!

Want to learn more about integrated marketing strategies and how they can grow your business? Contact TaylorMade Solutions today!

 

Great leaders and all self-help management books tell us that in order to be good communicators, you need to first be a good listen

An Interview With Cybersecurity Expert: Dr. Natalia Stakhanova

Cybersecurity risk management and mitigation is at the forefront of discussions in boardrooms globally. With an estimated annual burden of up to $1.7 trillion resulting from data loss and downtime (often from security violations), both the c-suite and shareholders have called on security experts to get out in front of the risk.

Researchers and research initiatives are the foundation for accomplishing this. At New Brunswick’s Information Security Centre of Excellence (ISCX), researchers like Dr. Natalia Stakhanova are leading the way with the support of funding, innovative partners, and an unparalleled focus. As one of the leading researchers in the field, Dr. Stakhanova was recognized in 2014 as the first NB Innovation Research Chair in Cybersecurity.

cybersecurity

I had a chance to sit down with Dr. Stakhanova to talk about her work.

MacLean: You were named the first NB Innovation Research Chair in Cybersecurity, can you tell us about what you want to accomplish in this role?

Dr. Stakhanova: I continue to be very excited about this initiative. Over the next few years we will be facilitating the research that will foster innovation in the field of cybersecurity. An important component will be my team working very closely with local industry to promote further commercialization of products that will benefit companies around the world.

There is already a significant level of expertise right here in New Brunswick. We will be building upon our core expertise and further developing the skills and assets that we have right here. There is a great culture of innovation and entrepreneurship among the people collaborating in this space right now. And the best part is seeing the actual results.

To generate a renewing pool of local talent, I’ll be mostly focused on building student knowledge, expertise and entrepreneurial spirit. I’m hoping that in this endeavor the Dr. J. Herbert Smith Centre for Technology Management & Entrepreneurship (TME) will step in with its programs to give students necessary skills and tools to become entrepreneurs.   

MacLean: How will you be working with other New Brunswick companies, students, and people?

Dr. Stakhanova: A major part of my role is to assess the risks that the local industry has, and to provide the research with practical applications to mitigate those risks. My work facilitates research in both the private and public sectors. Several local players have already come on board and are ready to work in a collaborative environment to focus on such issues as Smart Grid to address security-related challenges. Among these players are IBM Canada, Sentrant, and NB Power. We are also working closely with several startups. I know that through the research there will be additional commercialization.

MacLean: How does New Brunswick stand in this field of research and innovation compared to other regions?

Dr. Stakhanova: There is no question that there is a lot of support in Canada for these R&D centres and we are well positioned here at UNB with other global areas. We have leading expertise, lots of researchers, and interested private sector companies. There is an excellent relationship between UNB and the private sector. This fosters collaboration, innovation and the drive to succeed.

MacLean: What do we have here in New Brunswick that positions us better than other areas?

Dr. Stakhanova: I can’t name any other province that has as many initiatives, activities and investments in play at one time to support the Information Technology (IT) industry. There is just so much innovation and research taking place right here in New Brunswick. We also have a unique solidarity of people here in the province. People want to be here. This is so rare and wonderful.

There are of course developers elsewhere, but the developers that are here have a unique connection to the province and its people. They are loyal and can’t be lured away in the same way that you see happening in other regions. This creates a wonderful stability.

MacLean: Do you see spin off companies emerging or other companies wanting to locate here in New Brunswick to take advantage of the work that you are doing?

Dr. Stakhanova: Absolutely. We are already seeing companies from outside the region that are quite interested in what we are doing. These are still early days, but we are hearing from a lot of people.

MacLean: What made you choose to come to New Brunswick and UNB?

Dr. Stakhanova: I moved to Fredericton in 2007 as a professional Fellow. I fell in love with the region immediately. It is one of the most family-friendly places I have ever encountered. There is also a personal touch at UNB. It is essential and critical when education is involved to be able to collaborate, have mentors and to have access to as many private sector companies as we do.

It is truly a unique experience to find a place to grow professionally, while also having everything you would want for your family.

Cybersecurity is one of the most important issues of our time. If you are a small or medium business, cybersecurity should be more top of mind. We can help you develop your Marketing and Communications strategy to handle communications around a breach. We can train you and your team to be media ready. Be Prepared! Be Trained! Have a TaylorMade Solution – Contact us today.

Editor’s Note: This is a post that I originally wrote for Invest NB’s Blog and has since be reposted to Opportunities NB’s Blog.