Cross-provincial data breach detected through national cybersecurity collaboration

Imagine your email address and passwords were publicly posted – and you had no idea. This year, security analysts from the National Research and Education Network (NREN) uncovered a collection of emails and passwords from several member institutions in their province posted on a public social media channel, as well as insecure private data from institutions in a nearby province.  

This information was quickly shared with the affected partners, an internal plan was formed to address the issue, and the affected institutions were notified. These institutions later expressed gratitude for being notified about the data leak before the issue escalated.  

The NREN analysts who identified the issue knew exactly who to contact to address the problem, and the impacted institutions responded quickly because the notification came directly from the NREN. Building this level of understanding and trust is one key outcome of the Security Information and Event Management (SIEM) initiative, which was developed by the 13 provincial, territorial and federal partners in the NREN to improve identification, management, and response to cybersecurity threats on this vital infrastructure.  

Collaboration is key  

The SIEM strengthens the NREN’s overall security posture and represents an unprecedented pan-Canadian effort to coordinate network threat monitoring. Since 2019, a team of NREN security analysts have worked together to monitor infrastructure and collaborate on addressing emerging issues. 

The SIEM analysts are currently using the cross-provincial data breach as a case study to improve communications protocols and processes for sharing sensitive information. 

When this kind of collaboration is done well, it creates many benefits, including: 

  • increased efficiencies 
  • a wider scope of impact 
  • broader wisdom and experience 
  • a reduction in individual workloads 

The NREN community is now experiencing many of these benefits, leading to a stronger research and education ecosystem in Canada. 

Protecting the research and education network is critical 

The importance of the research and education (R&E) network, and the need to protect it, cannot be understated. Nearly 800 organizations in Canada use the NREN to connect and collaborate with each other, as well as with thousands of R&E institutions around the world. Many researchers completely rely on the NREN to share their work or to access valuable data, simply because the files they work with are too large (or sensitive) to transmit over a commercial network. 

Learn more on how to protect your institution  

Cybera members who would like more information about how the NREN is collaborating to protect the national R&E network infrastructure can contact our Security team.

For those outside Alberta, check out the NREN Partners directory to find the contact information for your local R&E network.