Cyber attacks on Canadian companies starting ‘to explode’
Security company sees chance to expand, as problem likely to get worse in future
Canadian companies are facing an increasing number of cyberattacks, says Travis Reese, president of the U.S. cybersecurity firm FireEye Inc. — and for him, that’s an opportunity.
In an interview at the company’s Toronto office, Reese said he expects FireEye’s business in Canada to grow 30 per cent this year and double annually for several years after that. That’s because Canadian businesses and governments are starting to come on the radar of the world’s biggest cyber criminals, with data thefts and extortion attempts on the rise.
“We’re starting to see Canada really start to explode,” Reese said. “It’s a trend we’re going to see getting a lot worse before it gets better.”
FireEye has investigated some of the world’s most high-profile data breaches, including those suffered by Yahoo! Inc., Sony Pictures Entertainment Inc., and Toronto-based cheating website Ashley Madison. The California-based company has about 3,000 employees and 5,800 customers worldwide, including three of Canada’s five big banks.
Still, with a market capitalization of US$2.5 billion and US$714 million in revenue in 2016, the firm has yet to turn a profit four years after going public. FireEye embarked on a turnaround strategy in May of last year, shaking up its executive team, announcing a US$80 million costcutting plan and shifting focus to software subscriptions as opposed to hardware.
Reese said FireEye is on track to achieve non- GAAP profitability by the end of the fiscal year. The firm has made a series of large acquisitions over the past couple of years, but Reese said FireEye is currently only looking for buying opportunities that would help the company serve demand for new technology.
“We’re always looking for interesting technology gaps,” he said. “What we would like to become is one of the consolidators, where we’re building an ecosystem of great technology companies.”
One such technology gap for FireEye is artificial intelligence, and Reese said he’s intrigued by the new AI hub set to open at the University of Toronto: “I’m pleasantly surprised with what I’m hearing.”
Reese said FireEye has sometimes had trouble finding qualified Canadians with expertise in security, but said he’s excited about the talent pool that will be produced by our growing artificial intelligence knowledge base.
Canada’s lack of trained cybersecurity professionals may be related to the fact it historically hasn’t had to fend off as many threats as the U.S. But that’s changing as Canadian companies are fending off attacks from a growing range of sources.
Attacks sponsored by foreign governments can be particularly insidious. A FireEye report exposing Chinese cyber-theft of American trade secrets led to an agreement between the U.S. and China not to steal each other’s intellectual property in 2015.
Reese said corporate espionage by state-sponsored hackers — including China — is a big problem for Canadian companies. He said FireEye has seen Chinese attempts to learn everything from a Canadian firm’s engineering secrets to how much it intends to bid for a contract a Chinese firm is also interested in.
“We have a significant, significant problem with the Chinese government, who has basically made it part of their policy to go spy around the world and collect data,” he said. “Not just for pretty traditional counter-espionage state-sponsored activity — it’s for economic gain, there’s no question.”
Reese said the Canadian government is moving in the right direction with a new legal requirement that firms disclose data breaches, which goes into effect later this year. Companies may wish they didn’t have to do it, but bringing the issue out in the open will be good for everyone, Reese said.
“I think that’s a good move,” Reese said. “If everyone’s allowed to keep their head under the sand and not talk about it, no one’s going to really solve the problem.”