Cybersecurity agencies in movies are darkened rooms with the glow of hundreds of monitors, maybe even holographic screens, illuminating complicated webs of internet threats.
Fortinet, a cybersecurity solutions firm based in Burnaby, doesn’t have the holographic screens, but there are plenty of monitors featuring threat-tracking maps.
The office isn’t dark either – it’s as bright as any hospital’s emergency room.
Turns out health metaphors are an apt analogy for the “ongoing pandemic of cybercrime,” according to Fortinet’s spokesperson Derek Manky, chief security strategist and vice-president of global threat intelligence.
Whether it’s the “virus collection” Fortinet keeps in a secured location (where it collects computer viruses like a biology lab would store test tubes to scan through and protect against them), or “outbreaks” of cyberattacks, Manky described the company’s workers as “first responders” who “triage” threats.
“We have to be as quick as possible, and that’s happening right here in Burnaby. It serves a global infrastructure.”
Want a glimpse inside a threat-hunting, crime-fighting lab? Read on.
Burnaby on the cybersecurity map
The company’s 510,000-square-foot campus spans three buildings at 4190 Still Creek Dr., and it continues to expand.
Manky said the Burnaby base is “very significant” to the company: there’s 1,800 employees in Burnaby, 20 per cent of Fortinet’s global workforce.
It’s home to Fortinet’s research and development operations, including software engineering and hardware teams, as well as threat intelligence which researches cybercriminals.
“Burnaby – it’s on the map,” Manky said and laughed. “To say the least.”
“It’s very exciting, because even when I’m worldwide talking to people about Vancouver and Burnaby, we have these conversations, and it comes back to Burnaby. I mean, it’s really an international city, in a sense, because it comes up in conversation almost every week.”
Fortinet’s founders (headquartered in Los Angeles) started the research and development office in Burnaby in 2000 in Metrotown; the company moved to Brentwood in 2009.
What kinds of crime?
The two main categories of cybercrime are ransomware and business email compromise, essentially fraud, Manky said.
It happens a lot, according to Manky.
The cybercriminals are enterprising and innovative – and well-funded.
Some organizations have more than 50 people, a malicious kingpin-CEO and different business units.
“It’s organized crime,” Manky said.
One of the “crazy” aspects of the business is when relationships sour between cybercriminals and they start extorting each other, Manky said.
Manky said, more generally, the No. 1 target is operational technology, like manufacturing plants.
But cybercrime also targets everyday people and businesses.
It can happen on your phone, computer or anything hooked up to the Internet of Things.
The scale of the threat is growing: there were 10 billion attack attempts in Canada in the last quarter of last year, Manky said.
The threats are becoming more visible now, he said, which is a good thing.
“That’s why the jobs are being created more and more; that’s why we’re having these conversations more and more often,” he said.
“We have a big workforce here, but you can never hire your way out of that problem,” he said.
Developing a ‘security culture’
Manky said there’s been a “huge skills gap” in the cybersecurity industry, adding it’s always been a challenge to get resources and talent across the board.
He said Fortinet has developed its own certifications and has a pledge to train one million individuals by 2025.
The company also partners with academic institutions, including 300 school boards across Canada, for free K-to-12 training.
He noted cybersecurity has become part of the regular curriculum at schools like BCIT, SFU and UBC, which Manky, a BCIT grad himself, said is a big change from even five years ago.
The industry includes a wide variety of career paths, including data science and machine learning.
Manky described the work of some of Fortinet’s analysts as “ripping apart” attack code to understand what attackers are trying to do; other teams proactively look for new threats, while a “dark web team” infiltrates forums to speak directly with cybercriminals to find out what they’re doing.
He advised anyone interested in cybersecurity careers to start following and reading blogs and online articles about the industry.
Manky said education and training can rewire us to virtual threats – creating a “security culture.”
“We need to rewire, because there are real consequences from identity theft, from financial loss, fraud, all these things that are quite significant now, that can happen.”
He said being aware of potential threats and questioning the authenticity of certain emails and links are part of developing “cyber hygiene.”
Fortinet works alongside public sector, private industry and law enforcement (Manky said he’s worked with Interpol on multiple arrests) for the disruption of cybercrime.
The groups all come together to make it “much more expensive” for cybercriminals to operate.
“If you can be a thorn in the side to cybercriminals and show how they’re slowing down – that’s the exciting part to me,” Manky said.