5 Ottawa security firms make work from home more secure
As cyber attacks are up 37%, 5 local security firms are helping teams keep secure with the increased risk of working from home.
While some countries, including Canada are easing restrictions around social distancing in recent days and weeks, the need for increased security protocols remains. Infosecurity Magazine reported cyber attacks up 37% in the month of March, 2020, the WHO reported a 5x increase in attacks on their systems and Forbes reports cyber attacks against hospitals significantly increased since COVID.
Furthermore, companies like Shopify, Twitter, and Facebook have committed to continue working from home even after the Coronavirus pandemic passes. The security risk that comes along with working from home will continue to rise as more work remotely.
Now, more than ever, security has been at the forefront of many people’s minds. According to a Pulse Security Report, these security concerns involve awareness and training (59%), unsecure networks (56%), the use of personal devices (43%), sensitive data leaving the perimeter (41%), and rapid acceleration of workflows and apps moving to the cloud (33%).
More specifically, these threat vectors include Malware, phishing, unauthorized privileged access, and vulnerability exploits.
These 5 Ottawa security companies have created solutions and initiatives to help combat the increased security risk from working from home.
As the guardians of the .CA domain registry, the Canadian Internet Registration Authority (CIRA) has more than 20 years’ experience protecting its systems from hackers.
Recently CIRA took to answering the question; how can we leverage our expertise and technology to protect all Canadians and their families?
The result was CIRA Canadian Shield, a free cybersecurity service available to all Canadians to provide malware, phishing and botnet protection, with DNS privacy for their devices and home networks.
Working with their global partner, Akamai–who provide some of the technology behind their enterprise service CIRA DNS Firewall–and the Canadian Centre for Cyber Security, CIRA is now protecting more than 70,000 Canadians with Canadian Shield. To date, more than 1.5 million attempts to access malicious domains have been blocked, as Canadians enjoy DNS privacy and online protection that is typically only accessible to enterprise customers.
The origins of this strategy stem from CIRA’s expertise with the domain name system (DNS). The DNS is used by your web browser to lookup and retrieve websites, and also serves as a primary attack vector for millions of cyber attacks.
Several years ago, CIRA leveraged this experience in DNS security to launch a growing portfolio of cybersecurity services, such as CIRA DNS Firewall and CIRA Anycast DNS, and have now used that same expertise and infrastructure to provide free protection to all Canadians.
As part of CIRA’s mandate to build a trusted internet for Canadians, Canadian Shield has infrastructure exclusively in Canada which means DNS queries have faster response time and ensures that any personal data stays in Canada, rather than on foreign servers.
CIRA Canadian Shield is completely free, easy to use, and adds a powerful level of cybersecurity and data privacy.
Learn more at cira.ca/shield.
Bluink, a local Ottawa security firm helps organizations and individuals enable fast and secure identity verification and enables password-free login. Bluink’s secure identification solutions are helping companies like Calian, Nexera Law, Tehama, Carloans Canada and the Government of Canada and Ontario to conduct secure online commerce.
As teams shift towards more remote work, Bluink is helping with remote identity verification and password-free login through its eID-Me IDentity as a Service platform. This integration allows Canadians to perform remote identity verification for services such as signing up for financial services, accessing government services or logging in Password-Free to work portals.
With the recent shift to remote work, there has been an increase concerning digital identity data breaches, identity thefts, fear of fraud, identity overload, and increasing personal device usage.
Visiting a physical location to verify our identity in person may not always be convenient or possible. For Canadians, trying to access essential services after operating hours, or services closed due to the recent pandemic, Bluink’s solution allows organizations to verify identities online, in seconds, to an Identity Assurance Level 2 (IAL2) per GOC guidelines.
You can visit https://bluink.ca/eid-me/demo to try the personal identification demo and connect with their team.
CYBERNETIQ is a cybersecurity firm that created CLAW, a software platform that creates a 3D visualization of cyber threats. The software highlights risks that help security operators to better orchestrate, investigate, remediate, and collaborate with the exposures in their cyber strategy.
When the Coronavirus pandemic first broke out in CYBERNETIQ began offering free remote work cybersecurity risk assessments, branded ‘CLAWvsCOVID”.
The COVID-19 pandemic had varying effects on Canadians. CYBERNETIQ began hearing the newfound struggles and fears of every CISO, OT, and IT managers alike looking to close the gaps of a fully virtual workforce while trying to maintain business as usual.
CYBERNETIQ wanted to contribute to the community and to do its part in supporting the security needs of Canadian companies practicing remote work. They offer complimentary network risk visibility maps and work with any team looking to ensure its workforce is fully operational, effective and secure in these rapidly changing times.
Send a note with “CLAWvsCOVID” in the subject line to firstname.lastname@example.org, to connect with their team to help maintain resilient systems.
Reshift security & Software Secured
Reshift security and Software Secured have teamed up to host a weekly webinar series for developers, security professionals, and technical leads. Each week, attendees are introduced to a new vulnerability from the OWASP Top 10 application security attacks. They see real company cases of where that attack led to a cyber security breach, perform a hands-on lab and learn how to mitigate the vulnerability in their code.
Teams from companies including CGI, Siemens, Titus, 7.ai, CIBC, Trend Micro, Knak and students from Willis College and Northern Virginia Community College have been learning how to protect themselves and their workplaces from cyber attacks in response to COVID-19.
“I’ve recently taken on some more security focused engineering work in my role at Siemens and these webinars provide a fun and informative way of both refreshing concepts I’ve learned and fleshing out the concepts to real-world edges.”
Nicholas Hebert – DevSecOps Lead, Siemens
“We are helping software development teams adapt to the new norm, learn new skills and get out of these uncertain times with both stronger teams and stronger applications.”
Sherif Koussa – CEO & Founder, Software Secured and Reshift Security
Sherif Koussa is an OWASP Ottawa Chapter Co-Leader, Software Developer, Hacker, and Secure Coding Instructor. Sherif began his security career as the lead developer for OWASP WebGoat 5.0, and served as a mentor for SANS Institute and exam consultant for GIAC, where he authored more than 500 Java and .NET questions. He also worked for Wells Fargo Bank in the central security code review team.
100 million lines of code later, Sherif brings lessons learned from writing insecure code as a developer, along with years of experience as a security code review engineer and pen-tester, finding vulnerabilities in custom code.
“I have been enjoying the sessions. They are value-packed. Sherif and the team are doing a great job of keeping everyone engaged and making these sessions super interactive.”
Nancy Gariché – Senior Cyber Security Analyst, Government of Canada
Reshift security is a developer-first code security tool that automatically finds vulnerabilities in custom code and provides real-time code remediation while fully integrating into the existing software workflow.
Software Secured is a penetration testing as a service firm that helps technology companies continuously ship secure code while staying compliant. In addition to offering instructor-led secure code training which helps development teams shift security left.
With attendees from over 20 countries, the series ‘10 Weeks to 0 Critical Vulnerabilities’ has created a community of security minded development teams. Sharing tools and resources and enjoying the odd joke; their security questions are answered by an industry expert, each week.