We sat down with our May Luncheon keynote, Dr. Eman Hammad, to hear more about her career, cyber security and what you can expect to hear at our upcoming luncheon! Ticket sales close on Monday, so be sure to register today- you won’t want to miss out.
Winnipeg Chamber (WCC): Tell us a bit about yourself and your career?
Eman Hammad (EH): I like to describe myself as a cybersecurity & interdisciplinary professional focusing on trustworthy, resilient complex systems and emerging technologies. I am currently involved in multiple roles with academia, professional organizations and industry. I combine practical experience, scientific methods and theoretical tools to shape my vision and approach for trusted and resilient-by-design solutions in the connected world. I am passionate about technology, digital trust, human-machine interaction and dark chocolate, all for the benefit and well-being of humanity.
WCC: How did you get involved in cyber security?
EH: My first real encounter with cybersecurity was as a junior software engineer. I was tasked, at the time, to integrate hardware security tokens into our e-banking solution, in addition to configuring web security and working with the network team to configure network security in support of the distributed application across the bank’s many branches. From that point on, I worked in several roles in the industry, where I naturally drifted more and more toward cybersecurity.
In my graduate studies, I saw a very exciting opportunity to be involved in the development of state-of-the-art solutions to introduce a more proactive and integrated by-design security and resilience for complex systems such as power systems. Following the completion of my Ph.D. studies at the University of Toronto, I worked with PwC’s Cybersecurity and Financial Crime as part of the IoT and industrial Security team for three years. Since then, I have been educating, training and preparing the next set of cybersecurity professionals. I also actively work with the Institute of Electrical and Electronic Engineers (IEEE) in several initiatives all focusing on cybersecurity and privacy for future networks, smart cities and public safety.
WCC: Why is cyber security so important for businesses to focus on?
EH: We are living in the digital economy revolution, and most businesses are evolving to rely more and more on technology as a core enabler. Gartner’s Predict 2023 report acknowledges that “the means of production in many enterprises is digital end-to-end, expanding the cybersecurity mission to encompass the entire value proposition” [2]. Failure to utilize strong and effective cybersecurity capabilities in uncertain economic environments will only compound negative business prospects. Furthermore, recent incidents have shown that effective cybersecurity capabilities not only improve cyber preparedness and resilience but can also significantly improve overall operational resilience. Most importantly, businesses with strong cybersecurity capabilities will have stronger confidence pursuing digital innovation roadmaps. In the 2023 PwC’s CEO survey[1], nearly half of the respondents said that they plan to increase their investments in cybersecurity or data privacy.
WCC: Why has cyber security changed so drastically over the last few years?
EM: There are multiple factors that will always render cybersecurity a moving target game with a high dynamicity. Emerging technologies such as advanced AI, connectivity, hardware and software innovation are fueling a drastic shift in cyber threats and defences. While technologies are proving to be strong forces of potentially positive change, as in digital transformation, we remain highly uncertain about the specifics of some of those technologies. This uncertainty could significantly hinder our ability to properly govern, control, monitor, detect and respond to threats. Secondly, threats continue to evolve as well.
Remember that technological advancements are also available to threat actors, and recent incidents illustrate how cyber crime evolved to be a business with as-a-service model for specific capabilities. This is resulting in cybercrime supply chains to support complex and advanced persistent threats. There are now as-a-service businesses for specific components in the cyber kill chain, such as initial access, exploitation, malware delivery, ransomware negotiation, etc. Further, Cybercrime businesses now have the resources to exploit vulnerabilities that were nation-state level in the past. Finally, hyperconnectivity in businesses and day-to-day activities is extending to services with direct and potentially catastrophic impacts. Intuitively, this strengthened the coupling between global/local events and business processes, as we have seen during the pandemic and in recent global conflicts. Naturally, threat actors will adapt to exploit the aforementioned coupling, for example, targeting remote work.
On the positive side, more businesses are on board with cybersecurity as a business enabler and a value-add. In addition, our cybersecurity tools and processes have also evolved significantly in the past few years, leveraging emerging technologies and a better understanding of people/processes/technologies.
Protecting your Business from Cyber Attacks Thursday, May 18, 2023 11:30 a.m. – 1:30 p.m. RBC Convention Centre Register here |
[1] https://www.pwc.com/gx/en/issues/c-suite-insights/ceo-survey-2023.html
[2] https://www.gartner.com/doc/reprints?id=1-2D7XIUC3&ct=230413&st=sb, “Predicts 2023: Cybersecurity Industry Focuses on the Human Deal, Published 25 January 2023 – ID G00778825