Spy agency expands cyber security role
Liberals’ plan deems CSE a ‘one-stop shop’ for federal network defence
OTTAWA– Canada’s electronic spies have been given almost total responsibility for defending the federal government’s computer networks against cyber attacks and hacks.
Under the Liberal government’s updated cyber security plan, released Tuesday, the Communications Security Establishment (CSE) will become a “one-stop shop” for defending federal networks and systems.
“(We’ll) be defending Government of Canada networks, unlike (our assistance) to the private sector where we’ll typically be providing advice and guidance,” Scott Jones, the head of CSE’s IT Security branch, told the Star. “It’ll be an integrated defence for any Government of Canada organization.”
Currently the responsibility to protect the federal government’s networks is shared by multiple agencies. CSE already has an IT security role, in addition to its mandates to spy on foreign governments and individuals and assist domestic law enforcement. But under the Liberals’ plan, CSE’s cyber security division would be transformed into the Canadian Centre for Cyber Security. The plan means an influx of cyber security staff at the spy agency, and $155.2 million over five years to get the centre up and running.
Jones, who was named head of the new centre on Tuesday, said he hopes to have it up and running by the fall. The centre will also provide advice — and potentially direct assistance — to private-sector organizations that request it. Jones said he anticipates more advice than hands-on defensive operations, and said existing privacy and oversight measures would apply to the centre’s activities with the private sector.
The Liberals’ Cyber Security Strategy has been in the works for months, intended to update the plans established by the previous Conservative government in 2010. In addition to the security component, the strategy commits the federal government to supporting research into cyber security technology, as well as working with other governments to “shape” the international cyber security environment.
But industry groups criticized the strategy Tuesday, with the Information Technology Association of Canada calling the “lack of details … discouraging.”
“Canada has the potential to be a global cyber security leader, and it’s crucial that we don’t fall behind,” wrote ITAC CEO Robert Watson in a statement.
Benjamin Bergen, the executive director of the Council of Canadian Innovators, said the strategy disappointed on partnering with private industry.
“Cyber is the fastest growing ICT sector in the world and domestic innovators present an opportunity for our government to grow our economy and deploy world-class technology solutions for protecting Canada’s digital borders,” Bergen said in a statement.
Public Safety Minister Ralph Goodale told reporters in Parliament the strategy was more “robust” than the 2010 plan developed by the Conservative government. But Goodale noted that the threat of cyber attacks and hacks has changed dramatically over that period.