Canada released its Cybersecurity Strategy this month, emphasizing the immense challenge of protecting government and corporate computer systems.
“There is no simple way to detect, identify, and recover from attackers who cannot be seen or heard, who leave no physical evidence behind them, and who hide their tracks through a complex web of compromised computers.”
The $90 million (Canadian) strategy focuses on three main areas:
-
Secure government systems: The government will implement the necessary structures, tools, and personnel to fulfill its cybersecurity obligations.
-
Create partnerships to secure non-governmental systems: In cooperation with provincial and territorial governments and the private sector, the government will support initiatives to enhance Canada's cyber resiliency, particularly in critical infrastructure sectors.
-
Help Canadians be secure online: The government will provide Canadians with the information they need to protect themselves and their families online and strengthen the ability of law enforcement agencies to combat cybercrime.
This strategy mirrors those recently released by Canada’s close security and intelligence partners—the United States, the United Kingdom, and Australia. According to the Public Safety Ministry:
“Three of our closest security and intelligence partners, the United States, the United Kingdom, and Australia, recently released their own plans to secure cyberspace. Many of the guiding principles and operational priorities set out in those reports resemble our own. This complementarity reflects our shared experiences in dealing with cybersecurity and demonstrates our determination to enhance our collective security by leveraging each ally's domestic cyber regimes.”
However, similar to the White House's Cyberspace Policy Review from 2009, Canada’s strategy lacks specific details on network defense beyond what is already known.