Predict your next investment

Corporation
CONSUMER PRODUCTS & SERVICES | Education & Training (non-internet/mobile) / Colleges & Universities
ryerson.ca

See what CB Insights has to offer

Stage

Grant - II | Alive

Total Raised

$22.66M

Last Raised

$250K | 2 yrs ago

About Ryerson University

Ryerson University is a public research university in Toronto, Ontario, Canada.

Ryerson University Headquarter Location

350 Victoria Street

Toronto, Ontario, M5B 2K3,

Canada

(416) 979-5000

Latest Ryerson University News

OPINION: As cyberattacks skyrocket, Canada needs to work with — and not hinder — cybersecurity experts

Jul 30, 2021

OPINION: As cyberattacks skyrocket, Canada needs to work with — and not hinder — cybersecurity experts July 30, 2021 By Yuan Stevens, Policy Lead on Technology, Cybersecurity and Democracy at the Ryerson Leadership Lab, Ryerson University and Stephanie Tran, Policy and Research Assistant, Cybersecurity and Democracy at the Ryerson Leadership Lab, Ryerson University Cyberattacks are on the rise. Canada needs to work with cybersecurity experts to enable them to identify and address security vulnerabilities. July 30, 2021 By Yuan Stevens, Policy Lead on Technology, Cybersecurity and Democracy at the Ryerson Leadership Lab, Ryerson University and Stephanie Tran, Policy and Research Assistant, Cybersecurity and Democracy at the Ryerson Leadership Lab, Ryerson University NatalyaBurova / iStock / Getty Images Plus Cyberattacks are on the rise, impacting people, systems, infrastructures and governments with potentially devastating and far-reaching effects. Most recently, these include the massive REvil ransomware attack and the discovery that the Pegasus spyware was tracking more than 1,000 people. A common cause of cyberattacks involves the exploitation of security vulnerabilities. These are conditions or behaviours that can enable the breach, misuse and manipulation of data. Examples can include poorly written computer code or something as simple as failing to install a security patch. Exploiting vulnerabilities There can be particularly significant impacts when attackers exploit security vulnerabilities involving digital systems used by federal governments. For example, in July 2015, the United States Office of Personnel Management announced that malicious hackers had exfiltrated highly sensitive personal information and fingerprints of roughly 21.5 million federal workers and their associates, due to a string of poor security practices and system vulnerabilities. Advertisement The massive data breach served as a wake-up call for the U.S. federal government. Barack Obama’s administration consequently announced the Department of Defense would be responsible for storing federal employee data. Not long after that, the “Hack the Pentagon” pilot program was announced, where the U.S. government invited external experts to responsibly report security flaws. This pilot paved the way for what has become a standard security practice used by the U.S. government. Since 2020, all American federal agencies have been required to enable the disclosure of security vulnerabilities. Canada lagging behind By comparison, our recent report found that the government of Canada is lagging behind countries like the U.S. by failing to welcome vulnerability reports from external experts. We haven’t had an attack the size of the Office of Personnel Management breach in the U.S., but we aren’t immune either. Consider the Equifax breach in 2017, when 19,000 Canadians were affected when attackers exploited a security vulnerability in an online customer portal. In August 2020, the Canada Revenue Agency locked more than 5,000 user accounts due to cyberattacks partially enabled by the agency’s lack of two-factor authentication. Our report, published through the Cybersecure Policy Exchange at Ryerson University, is the first publicly available research that examines how Canada treats the reporting of security flaws in comparison to other countries. We discovered that while 60 per cent of G20 members have distinct and clear processes for reporting security vulnerabilities in public infrastructure, Canada does not. Cybersecurity experts can disclose “cyber incidents” to the Canadian Centre for Cyber Security. But this term is defined so narrowly that it excludes vulnerabilities that have not yet been weaponized. And while the United Kingdom and the U.S. governments have promised to make efforts to fix security flaws that are reported, the Canadian Centre for Cyber Security has made no such promise. By not supporting and protecting security researchers in identifying vulnerabilities, these gaps ultimately put Canada and Canadians at greater risk. Vulnerable systems, vulnerable people Cybersecurity experts can face significant legal risks when they report security flaws to the Canadian government. Computer hacking is prohibited by the Criminal Code, and in certain circumstances by laws like the Copyright Act. But unlike in the Netherlands and the U.S., there is no legal framework here for reporting security vulnerabilities in good faith. Canada’s current approach has a chilling effect on the disclosure of security weaknesses found not only in government systems, but also for all software and hardware. This approach largely leaves cybersecurity researchers in the dark about whether — and how — they should notify the government when they spot security flaws that could be exploited. A cybersecure Canada requires working with experts who identify the security risks faced by our institutions and infrastructure. It’s not too late for the federal government to institute a process allowing experts to report security flaws, and to draw on best practices while doing so. Our work outlines the importance of defining who can submit vulnerability reports, and describes what the reporting and fixing process can look like. It’s important to credit or recognize the experts who disclosed. The public should be given information about vulnerabilities and the solutions required to fix them. Imperative improvements Cybersecurity experts are “a significant but underappreciated resource” when it comes to reducing security risks of government systems. They want to help. The Canadian government needs to implement clearer processes and policies to foster co-operation with cybersecurity experts working in the public interest. As cyberattacks grow in frequency, scale and sophistication, better cybersecurity practices in Canada are not just desirable — they are imperative.

Predict your next investment

The CB Insights tech market intelligence platform analyzes millions of data points on venture capital, startups, patents , partnerships and news mentions to help you see tomorrow's opportunities, today.

Research containing Ryerson University

Get data-driven expert analysis from the CB Insights Intelligence Unit.

CB Insights Intelligence Analysts have mentioned Ryerson University in 1 CB Insights research brief, most recently on Nov 9, 2020.

Ryerson University Patents

Ryerson University has filed 3 patents.

The 3 most popular patent topics include:

  • Computer vision
  • Image processing
  • Medical imaging
patents chart

Application Date

Grant Date

Title

Related Topics

Status

1/30/2018

4/20/2021

Medical imaging, Image processing, Surgical instruments, Computer vision, Medical equipment

Grant

00/00/0000

00/00/0000

Subscribe to see more

Subscribe to see more

Subscribe to see more

00/00/0000

00/00/0000

Subscribe to see more

Subscribe to see more

Subscribe to see more

Application Date

1/30/2018

00/00/0000

00/00/0000

Grant Date

4/20/2021

00/00/0000

00/00/0000

Title

Subscribe to see more

Subscribe to see more

Related Topics

Medical imaging, Image processing, Surgical instruments, Computer vision, Medical equipment

Subscribe to see more

Subscribe to see more

Status

Grant

Subscribe to see more

Subscribe to see more

CB Insights uses Cookies

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.