The Canadian Government's Chief Information Officer confirmed yesterday that Chinese state sponsored hackers have been found to be breaking into the networks of the National Research Council (NRC) – the leading research body for the government. Media reports say that there is concern at the highest levels of the government and that Foreign Minister John Baird met his counterpart in China, and had a comprehensive discussion on the subject.
Wael Aggan, CEO of CloudMask, a Canadian company specializing in data security said that "besides the embarrassment caused, the true damage to national security may never be discovered or fixed. Proactive measures are therefore required to protect data before our opponents hack it. Our defenses have been breached and at least now we need to put strong defensive measures in place".
CloudMask is the winner of the Canadian Innovation Commercialization Program (CICP) and has been evaluated by the Shared Service Canada (SSC), a Canadian Federal Government department, for integration with their security infrastructure. CloudMask had communicated, during the last few months, with the Treasury Board and other Government departments to highlight the threats to the Canadian Cyber infrastructure and to explain CloudMask capabilities in protection of the Federal Government in case of total breach.
Wael Aggan reiterated his company's commitment to Canadian security and said that "this is a real wake up call to protect our assets, our intellectual property and our information in a world where our adversaries can be much stronger than us, I'm sure that this breach represents only the tip of the iceberg. Many breaches could be in progress even at this moment". Wael says "the effect of most breaches that target data are preventable. Earlier this year the "Heartbleed" attack raised alarms when the Canada Revenue Agency was breached. Such attacks are increasing in frequency and are continuing to cause greater damage"
CloudMask solution is based on a "Zero Trust Model'. CloudMask security works with the premise that no one can be trusted with data – including the IT administrators and employees. CloudMask secures data at the very moment of its creation. Strong encryption, tokenization and masking ensure data security even if a hacker has currently broken into your network. CloudMask ensures that all existing applications will continue to function normally with the data it has secured and that data will never travel, process or be stored in clear text.
CloudMask has partnered with companies such as Entrust, SalesForce and Amazon to deliver the best possible security solution without compromising application functionality in any way.
The CloudMask solution is currently going through Common Criteria Certification to meet the security certification required to operate with Governments in 26 Countries.