How can organizations safeguard themselves against the increasing threat to cyber security?
Interview with Sura Alshaer, Director, IT Security, Kinross Gold Corporation
Kinross Gold is a Canadian gold mining company with a diverse portfolio of mines and projects in the United States, Brazil, Chile, Ghana, Mauritania, and Russia. We recently caught up with Sura to discuss how the recent surge in technology in all organizational operations should be addressed from the point of view of Cyber Security. Here’s an excerpt of the interview with her.
- What is cybersecurity?
Cybersecurity is the practice of protecting computer systems and digital data from digital attacks. The Cyber criminal’s goal is to gain access to the computer systems to destroy or steal sensitive information, for the purpose of extorting money from the users or disrupting business operations.
Today, there are more devices connected to the internet than people, and attackers are getting innovative in their ways to breach those devices. Therefore, applying effective security measures is becoming particularly challenging.
- Why Information security is so important?
In the world of digitization, all our information, personal information, business intellectual properties, or even government or industry information is being stored in an electronic format on thousands of computer systems. Therefore, we need to protect those systems from cybercriminals who attempt to steal the data stored in those systems or disrupt the operation of those systems.
In the past, if someone wanted to steal sensitive information, they needed physical access to the location where the information was kept. Today, all they need is internet access.
- Currently, what are the major threats to cyber security?
The major cyber threat facing companies, in general, is Ransomware. Cybercriminals target companies for financial gains. They try to find a way to gain access to the internal network of a company, plant malware that is designed to prorogate throughout the environment, and via a command-and-control server, the attacker instructs the malware to encrypt all the files and data in all the computer systems rendering them unusable. At that point, the attacker would contact the company demanding a Ransom to be paid in exchange for the decryption keys.
Ransomware is not only used by cybercriminals; it is widely used by nation-states targeting other countries for political reasons, among the sectors that are highly targeted by nation-states, the government agencies, and the utility sector, e.g. power plants, nuclear facilities. The goal is disruption rather than ransom money, but the tactics are the same.
- What are the new tendencies in cyber security?
The common trends in cyber threat for the last few years have been Ransomware, Data Exfiltration, and Cyber Espionage. However, we are seeing an increasing level of sophistication in the tactics being used and also the number of attempts year over year. Cybercrime is a multi-billion dollar business, and there is a lot of money being spent on making those attacks successful.
- How do you detect if your security has been breached?
Over the years we built several layers of security defenses and monitoring systems. Those systems can detect and protect against the vast majority of malicious events. In addition, we have a team of highly skilled security analysts who monitor for any anomalies in the environment that weren’t detected by the tools. Our end-users are also trained to identify suspicious activities like phishing emails and report them immediately to the security team for investigation.
- What are the recommendations to keep your information/data secure?
I would recommend 2 things:
- Defense-in-Depth Strategy – with the increasing level of sophistication and variety of tactics cybercriminals use today, a single security tool will not protect you from all types of threats, you need multiple tools even if they sometimes overlap in some of the functionalities and features to ensure better protection.
- End-User Training – Any company is as strong as its weakest link; the end-user is that weakest link. All that is required for a cyber breach is a single user click on a bad link or an attachment sent to the user via a phishing email. Increasing the awareness among the users and training them on detecting phishing emails for example is crucial to avoid cyber breaches.
The security technologies available now are fantastic, however, cyber-attacks like phishing campaigns have a very short lifetime 2-3 hours maximum, and attackers use what is called Zero-day malware in those attacks that security tools might not be able to identify and need several hours to build a signature for. When that happens, your only hope is that your end-user can identify them.
- Could you tell us more about your role at Kinross?
I am the Director of IT Security; I have global responsibility for running the cyber security program for the company and managing IT Risk. With my team, we built and advanced our cyber security capabilities as we adopted a defense-in-depth strategy that I mentioned earlier. We work with our users and the business every day providing security consult and responding to any cyber-related issue.
- What’s the biggest challenge you have with your specific role right now and what are you doing or planning to do, to overcome it?
In the cyber security field, the biggest challenge is to find and retain talent. There is a large resources gap in the industry, a huge demand for cyber professionals with a very limited number of skilled people to fill the demand. This gap is only increasing as cyber threats are on the rise.
Fortunately, we have been successful in attracting security talent to Kinross, as Kinross has been awarded one of the top 50 employers in GTA for many consecutive years. We also look for new school graduates that demonstrate the desire and ambition to get into the security field, and we help them develop the skills and turn them into security geeks.
With the shortage in the market for security skills, I believe it is the responsibility of the corporations to fill the gap by helping young graduates in developing the skills needed to be successful in such jobs. It is a guaranteed win-win outcome.
- How has COVID-19 impacted your operations?
Fortunately, not much, as we can work as effectively remotely. However, with most of our users working remotely we needed to adapt our security tools and measures to ensure users’ protection as they are working using their home network which is outside of our control rather than the corporate network.
Working remotely is not foreign to Kinross given the nature of our business, as we always had several people traveling across the sites and needed to work remotely from time to time. Therefore, we were more prepared than most other companies transitioning to working from home.
- What advice would you give to a Peruvian Tech company looking at starting operations in Canada?
First and foremost, they need to keep in mind that the Canadian tech market is competitive; Toronto is a tech hub that is competing with Silicon Valley. For a new company coming in, they will have to compete with giant names like Microsoft, Cisco, IBM, etc. However, there is always a niche market where smaller companies can find opportunities for success. Therefore, study the market very well, identify your competitors, and have a clear business strategy and marketing plan.
I personally prefer working with small to medium size tech providers as they are more attentive to our specific needs and their customer services are often better than what large companies can offer, just due to scale.
- Anything else that you would like to share with our readers, especially keeping in mind the current scenario?
I would like to advise on continuous education and awareness around cyber threats and how to protect against them. Cyber threat is real and cybercriminals don’t go after companies only, they go after individuals too. You can find many educational videos on YouTube on cyber security, you can help protect your company and protect yourself.
Stay Vigilant… Stay Safe!