Long lines at stores. Bare shelves. Shortages of household essentials like toilet paper. These were the scenes we witnessed at the height of the COVID-19 pandemic. Now, as life returns to normal, there’s another worry: that the threat of a cyberattack could trigger similar supply disruptions.

J. Paul Haynes, COO of Waterloo-based cybersecurity company eSentire, highlights the chilling reality that a cyberattack targeting key sectors like transportation could jeopardize access to essential goods, including food security.

“If anyone wanted to systematically target us we would be starved before we figured out what happened,” said Haynes. “That’s the zombie apocalypse moment.”

The vulnerability of supply chains and critical infrastructure is a pressing concern, and the team at eSentire is all too aware of the challenges confronting organizations across every major sector in today’s digital world.

Founded by two students in Waterloo in 2001, eSentire has grown into a cybersecurity powerhouse with a workforce of over 600 employees. Specializing in managed detection and response (MDR) services, the company is at the front lines of defending against cyber threats.

Most recently, eSentire has been named a leader in the 2024 IDC Worldwide MarketScape for MDR for its customer service scores, security operations centre (SOC) capabilities, and breadth of threat response. eSentire now has over 150 analysts operating out of SOCs in Cork, Ireland and Waterloo.

“We have a very high trust relationship with customers,” said Haynes. “They want us to bring more and more of it.”

Experts have been warning of a rise in criminal cyber activity, pointing out that the number and severity of attacks will keep getting worse. According to a report from Canada’s cyber watchdog, the Communications Security Establishment (CSE), critical infrastructure is an attractive target to cyber criminals because they’re “perceived to be more willing to pay significant ransoms to limit or avoid physical disruption and impacts to their customers.”

The May 2021 ransomware incident against Colonial Pipeline in the United States and the North American and Australian operations of JBS Foods resulted in multi-million dollar payouts for threat actors and caused major disruptions to fuel and food supply chains. In Canada, a ransomware attack in June 2021 resulted in a loss of essential services at an Ontario hospital. Later that year, in October, a municipal transit service was unable to share route and scheduling information after servers were encrypted and locked. Despite the increasing risk and number of incidents, Haynes says cybersecurity continues to be an afterthought for many organizations.

“We’re going to continue to see people rush to digitize their business and say ‘oh, we should secure this’ afterwards,” said Haynes.

Cyber criminals are opportunistic and will not limit their activities to any particular sector, and according to Haynes, a new risk category is emerging that involves generative AI and large language models (LLMs).

In 2023, the Canadian Centre for Cyber Security blocked 2.3 trillion malicious actions, an average of 6.3 billion per day. According to a report from the Open Source Foundation for Application Security (OWASP), the rapid adoption of generative AI and the introduction of LLM-powered attacks will likely exacerbate this threat landscape.

Generative AI can help unleash more sophisticated, personalized and stealthy attacks that may go undetected or underreported, while LLMs can also boost cyber criminals’ capabilities, helping them speed up and automate attack techniques, while also creating new classes of AI-driven threats.

“We’ve never seen anything have such a profound impact in a minimal amount of time,” said Haynes. “All that to say, that’s creating opportunities and risks for businesses. The other thing is these tools, in the hands of adversaries, might be morally corrupt. They’re technically gifted and we never underestimate them. They’ll be able to take advantage of this to capture the flag, so to speak.”

One of the biggest challenges facing the cybersecurity industry is a global skills gap. The 2022 (ISC)2 Cybersecurity Workforce Study estimates organizations are trying to fill a global gap of 3.4 million cybersecurity workers. About 70 per cent of organizations around the world reported they don’t have enough cybersecurity employees and over half believe staff and skills shortages are putting their organizations at moderate or extreme risk of cyberattacks.

“For every growing company, your fuel is talent and technical talent,” said Haynes. “We’ve benefited immensely from being here at the centre of tech.”

Being based in Waterloo Region has enabled eSentire to tap into the local talent pool by hiring analysts from nearby post-secondary institutions. eSentire has also found success in recruiting students for internships and co-op programs.

“Many organizations want to know what our secret sauce is,” said Haynes. “We’re investing heavily in training.”

For Haynes, nurturing talent is just as important as building trust. He highlights the need for organizations to prioritize cybersecurity and embed it into their operations from the outset. Yet, many companies are lagging behind, facing constraints in terms of resources and funding. As eSentire continues in its mission to protect companies and critical systems from cyber threats, it acknowledges the battle ahead as the world tries to stay one step ahead of evolving threats.