Risk Management & Cyber Security

This is a picture of the Fortress of Louisbourg as it stands today on Cape Breton Island. The origins of the fortress date back to 1713 when the French came to Louisbourg.

The French had ceded Acadia and Newfoundland to the British under the terms of the Treaty of Utrecht.  Under the terms of the treaty, France’s only remaining possessions in what is now Atlantic Canada were the islands of Cape Breton and Prince Edward, which were then called Isle Royale and Isle Saint-Jean. France used the islands as a base to continue the lucrative cod fishery off the Grand Banks. In 1719 they began to construct Fortress Louisbourg to protect the community inside from attack.

So how can the story of an 18th century fortress help put cyber security into context?

  • First, remember the Fortress was constructed in part to protect the “asset” or the town inside it. Today your “assets” include important information holdings and your reputation if your holdings are compromised.
  • The Fortress had walls to protect from an attack. Your information holdings should be protected by walls, in modern days referred to as a firewall. Firewalls monitor packets of data that flow through it and compare them to its internal rule set to determine if the data packet is authorized.  If the packet is not, the firewall discards it.
  • But what if attackers got inside the walls of the Fortress? In the 18th century that would have been a serious problem.  But in modern times, thinking about your information assets, you can take measures to mitigate the risk of a breach of your firewall with data encryption, both when data is at rest (stored) and during transmission.  When data is encrypted, the risk of unintended access is greatly reduced because only those with the encryption key can access it.

Back to the Fortress of Louisbourg:

In 1744, the French attacked Canso on the mainland of Nova Scotia which was the main North American British port with access to the cod fishery.  The French took prisoners in the raid, brought them back to Louisbourg, and eventually released them.  While in Louisbourg, the prisoners took careful note of the design of the Fortress, and this intelligence was very useful to the British in New England for their attack on the Fortress in 1745.  A significant threat to the Fortress came from within it.

This story carries forward to modern times in that a significant proportion of threats to your core information holdings and IT environment come from within your organization. Frequently problems can be traced back to simple mistakes such as falling for phishing attempts, visiting a website laden with malware, transporting unencrypted sensitive data on USB keys, or sharing login credentials with someone else.  Education can go a long way to reducing these risks.

The French capitulated Fortress Louisboug to the British in 1745.  In 1748, Louisbourg was returned to the French under the terms of the Treaty of Aix-la-Chappelle.  In 1758, Louisbourg was again attacked by the British and with 13,000 troops supported by 14,000 crew on 150 ships, the British army captured the Fortress in seven weeks.  The British subsequently destroyed the Fortress. In the 1960’s the Government of Canada invested in a reconstruction of the Fortress and today the Fortress of Louisbourg is one of the largest historical reconstructions in North America  with historical re-enactors in place.

Francis Liska on EmailFrancis Liska on LinkedinFrancis Liska on Twitter
Francis Liska
CEO OTUS Group | OTUS Group
Francis is a Chartered Professional Accountant, Certified General Accountant, Certified Information Systems Auditor, Certified Internal Control Auditor and a Certified Management Consultant. He holds a degree in Business Administration from Cape Breton University and a Post Graduate Diploma in Applied Information Technology. He has also completed graduate studies in decision analysis at Carleton University.

Leave a Reply

Your email address will not be published. Required fields are marked *