Forum plots engineering response to cyber attacks

Engineers would be well advised to push for a culture of security in the face of increasing cyber attacks and the growing sophistication and boldness of hackers.

The difficulties in securing networked infrastructure was the focus of this year’s Engineering Innovations Forum (EIF), held on March 21 at the Japanese Canadian Cultural Centre in Toronto, Ontario.

Organized each March with the support of PEO, the Ontario Society of Professional Engineers and the Ontario Association of Certified Engineering Technicians and Technologists, the EIF is a key part of National Engineering Month and aims to foster dialogue and raise public awareness of engineering, science and technology.

This year’s forum was moderated by Marisa Sterling, P.Eng., assistant dean at the Lassonde School of Engineering at York University and an elected vice president on PEO Council.

The opening speaker was former PEO president George ComrieP.Eng., FEC, who described the central challenges of internet security. Comrie also outlined his role as chair of the Communications Infrastructure Engineering sub-group of PEO’s Emerging Disciplines Task Force.

Other guests included Joe DiAdamoP.Eng., executive consultant with IBM Canada, who talked about efforts to defend the smart electric power grid, and Tyson Macaulay, noted network security consultant and author of four books about cyber issues, who highlighted risk elements in managing the Internet of Things (IofT). Essentially a network of physical devices, including vehicles and home appliances, to connect and exchange data, the IofT is especially vulnerable to malicious hacking.

All speakers emphasized the growing nature of the cyber security problem and said that defensive measures involve much more today than network firewalls and password protection efforts.

Comrie, for example, cited a recent study compiled by protection software developer McAfee and the Center for Strategic and International Studies showing that cyber crime now costs the world almost $600 billion, or 0.8 per cent of global GDP.

Comrie said internet and cyber security issues arise from the origins of networked communications. Although these were ingenious in providing instant access to information, the systems were not designed with security in mind. “It’s extremely difficult to retrofit security,” Comrie said, adding that the global internet usage has vastly outpaced the technology that can protect it from hackers and other forms of digital warfare.

In discussing smart electricity grid security, DiAdamo said the security efforts must adapt to a rapidly changing landscape in which something as ubiquitous as electricity generation and distribution can be hijacked from a variety of sources. “Technology alone is not going to solve these problems,” DiAdamo said.

Cyber security is an especially thorny issue when it comes to the IofT. Third speaker Tyson Macaulay told the EIF audience that the multitude of platforms networked via the IofT make it a natural point of entry for cyber criminals. “These risks are set to grow especially as IofT device makers are made quickly and cheaply, often failing to take security into account,” he said.

Ironically, all three speakers agreed that hackers have created a huge market for cyber security experts in North America and internationally. As a result, engineering associations might want to revisit policies to regulate or license cyber security specialists, and if expertise in this area might fall under the definition of professional engineering.