OTTAWA — The federal government has rolled out a new cybersecurity strategy aimed at protecting its vast number of computer systems and information banks from an increasingly diverse array of threats.
OTTAWA — The federal government has rolled out a new cybersecurity strategy aimed at protecting its vast array of computer systems and information banks from increasingly diverse threats.
The strategy, published on Wednesday, says the government has worked to improve cybersecurity in recent years, but online dangers are evolving even faster.
The plan says a new cross-agency effort is needed to deliver safe and reliable government services digitally to Canadians.
Governments have warned that they are attractive targets because they hold personal information, valuable research data and other sensitive materials.
As a result, cyber attacks could have a significant impact on government operations, including through the disruption of critical and essential services and the exposure of confidential and personal information, the report said.
“This significant impact could put people at risk of identity theft and other types of fraud, all of which could potentially undermine trust in government institutions and undermine Canada's economy and society as a whole.” It may have a negative impact.”
Finance Committee Chair Anita Anand said in an interview that a government-wide approach to cybersecurity “has never been more important.”
“I'm worried about privacy invasions. I'm worried about government systems being shut down.”
Your strategy document will flag current gaps such as:
— Departments and agencies have made modest progress in improving their capabilities to identify and respond to threats.
— Lack of comprehensive awareness of cybersecurity risks
— With so many different tools, methods, and services used to monitor systems, it can be difficult to get a comprehensive view of security threats.
— Traditional security architecture models are now less effective.
– Weak information management practices, including reliance on outdated tools.
— Increasing global demand for talent is leading to a shortage of skilled cybersecurity professionals.
The document warns that differing approaches to security capabilities “can lead to inconsistencies, inefficiencies and blind spots” in the government's overall defense.
This highlights the rapid adoption of cloud computing services, typically provided by private companies using software, servers and other hardware hosted on company premises.
According to the strategy document, due to a lack of clarity, the management of cloud-based environments, including cybersecurity operations, is up to departments and agencies. This expectation leads to duplication of effort, inconsistent approaches, and lack of information sharing.
The new strategy applies to more than 100 federal departments and agencies and is intended to clarify security risks to government systems and more effectively prevent attacks.
It also aims to strengthen capacity across government agencies and build a workforce with the right cybersecurity skills, knowledge, and culture.
Anand acknowledged that the hurdles to working towards a more unified approach are high, given the variety of systems and practices currently in place.
“This is difficult, but it's something we have to do, not just to protect against cyber attacks, but to be more efficient for Canadians and ensure we can deliver services in the most effective way possible,” Anand said.
The plan does not apply to federal government agencies such as Canada Post or the CBC.
“But in terms of what we're trying to implement, we strongly encourage them to follow suit,” she said.
For the strategy to work, the document says, key companies need to work closely together.
These include the Treasury Board of Canada Secretariat, which provides policy and oversight, the Communications Security Facility and its Cybersecurity Centre, the Canadian Shared Services Central Agency, and a number of federal departments and organizations.
“The leadership role of the Finance Committee is critical to making this approach permanent so that we can respond to new threats as they evolve,” Anand said.
This report by The Canadian Press was first published May 22, 2024.
Jim Bronskill, The Canadian Press
