By Brendan Beckett
Software developer Ryan Weir knows first-hand how important cyber-security is for businesses.
His company, SharpSchool, spends more than half its IT department’s resources on protection from the DDoS attacks they routinely get from unknown sources. DDoS, or distributed denial of service, happens when multiple systems attempt to flood a target system’s bandwidth, disrupting its function.
In his business, the resulting reputation loss can be devastating.
“Our largest source of customers is referrals,” said Weir, explaining it’s not just about the customers directly lost due to an attack. “Losing a referral has the snowball effect of losing more customers,” he said.
Ensuring things run smoothly requires a wasteful devotion of resources, said Weir.
“We assume that at some point (an information technology system will) come under a load higher than what it was designed for,” he said.
The issue of cyber-security has risen in the public consciousness recently, in the wake of highly publicized data breaches of Sony Pictures and the retail chain Target. U.S. President Barack Obama even spoke about the concern in his State of the Union address earlier this month.
The impact on these companies has been severe.
James Cullin, associate dean of The Business School at Humber Lakeshore campus, explained the Target breach involved customers’ private data they had given over when signing up for a discount card, and that the resulting loss of confidence in their system had compounding effects.
“There’s a real cost to Target beyond the loss in customer sales,” he said.
Target intended to lock in a set of customers in Canada by putting them in that informational ecosystem, he said, and customers became reluctant to sign up when their private information was thought to be at risk.
“There’s an entire infrastructure around the Target discount card, and it scales,” said Cullin. “It costs X amount of dollars to get it up and running, and you want to amortize that over as many people as possible.”
That fixed cost goes unchanged “whether you have one card-holder or a million,” he said.
Cullin doesn’t think the breach had a major role to play in Target failing in Canada, since it was an American issue and in the news only briefly. But with Sony, the damage could be much more serious.
“The Sony hack, because of the prurient nature of a lot of the leaks that were coming out, left Sony and that security issue in the news for weeks on end,” said Cullin.
And it may not recover.
“I would be stunned if Sony Pictures survives the next three to five years,” Cullin predicted. “If you’re any sort of creator in Hollywood, why would you want to work with them given how unbelievably sloppy they were?”
Victor Beitner of Cyber Security Canada has seen the effect that the breaches have had on the market.
“They definitely bring awareness (of the need for security),” he said. “I’ve seen a lot of new interest.”
His company is introducing a new technology next month in response to the attacks.
“We played with the Sony virus, and it caught it instantly,” he claimed.
It’s only going to be a more pressing issue for companies going forward, because there’s widespread vulnerability in systems around the world, Beitner said.
“We’re going to probably hear about a lot of this happening,” he said. “The FBI (is) telling us that 50 per cent of organizations are compromised, the other 50 per cent don’t know it yet.”