High university knowledge is mobilizing to erect a wall of computer security at the service of Quebecers.
The University of Montreal and its two affiliated schools, Polytechnique and HEC Montreal, thus announce the creation of the Multidisciplinary Institute in Cybersecurity and Cyberresilience (IMC2).
The objective of this new institute, which will be associated with 44 professors, their research teams and numerous students, is to offer cutting-edge expertise not only in terms of research and training of a qualified succession, but also a public service in cybersecurity.
“The objective is also to try to play a role in relation to the orientations in terms of public policies at the regulatory level, also at the level of the observation of the threat. It is also important to have a threat observatory so as to be able to help in decisions when there is a major incident that occurs, ”explained in an interview Professor Frédéric Cuppens, cybersecurity expert in the engineering department. computer science and software engineering from Polytechnique, who became the director of the Institute.
Even for the citizen
This expertise will even reach citizens, he says.
“At the level of SMEs and citizens, when there is identity theft, fraud among citizens, often these people or these small business structures do not necessarily know what to do to deal with these incidents and that It is also an objective of the Institute to have a structure, a center of expertise which makes it possible to provide assistance and first aid to individuals and SMEs who have to deal with incidents. »
A Herculean task if there ever was one, and Professor Cuppens has few illusions about the Institute’s ultimate capacity.
“We are probably not going to meet all the needs. We know that the needs are broad, that they are changing rapidly, that they are increasing, but a success will be to say, precisely, that we cannot do everything.
“If that happens, we will have already succeeded quite a bit since it will make it possible to demonstrate to public policies that perhaps more important structures are needed than what exists today. »
A multidisciplinary structure
Bringing together expertise in IT, business, criminology and several other fields will make the IMC2 a multidisciplinary tool capable of attacking cybersecurity problems on several fronts.
The Institute is committed to “becoming a global academic reference in cybersecurity and cyberresilience” which will remain at the forefront of the rapid evolution of emerging technologies such as artificial intelligence, post-quantum and 5G.
Artificial Intelligence, in particular, presents both an indispensable tool and a challenge in terms of cybersecurity, recognizes Frédéric Cuppens.
“To do cybersecurity, we need artificial intelligence. We need learning solutions to automatically learn about threats, vulnerabilities, understand attacks, automate response processes. The downside is that artificial intelligence itself is vulnerable to attack due to its lack of robustness. »
The contemporary era is marked by the malicious use of new technologies. The risks of fraud and sabotage are increasing and “some attacks mix the two”, says Professor Cuppens.
Fraud, he says, is the biggest and most visible of these threats. Sabotage is less visible, but it is also important.
“The reason we don’t see more acts of sabotage is that today a major act of sabotage is seen as an act of war, which involves a significant escalation of a conflict,” explains he, especially in a context of war like the one we are currently experiencing.