ARCHIVED - Public Safety Canada's response to the 2012 Fall Report of the Auditor General of Canada - Chapter 3: Protecting Canada's Critical Infrastructure from Cyber Threats
Archived Content
Information identified as archived is provided for reference, research or record-keeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.
In partnership with industry and all levels of government, the Government has taken action to meet its commitment to keeping Canada's cyber systems secure and to protecting critical infrastructure.
National Strategy and Action Plan for Critical Infrastructure
- In 2010, Public Safety Canada launched the National Strategy and Action Plan for Critical Infrastructure, Canada's plan to address the full range of risks and threats to the infrastructure which forms the backbone of our economy, our security, our health and our way of life.
- Since the announcement of the Strategy in 2010, Public Safety Canada has worked in collaboration with other federal departments/agencies to establish sector networks for each of the ten critical infrastructure sectors.
- In addition, on December 1, 2010, Public Safety Canada hosted the inaugural meeting of the National Cross Sector Forum, which brought together national leaders from each of the critical infrastructure sectors to discuss the risk environment and set priorities. The National Cross Sector Forum now meets on an annual basis.
- Public Safety Canada has set out processes for its public-private sector partners to mitigate risks and threats and conducted exercises to ensure that the department and its partners can respond and recover quickly in the event of a disruption.
- The Government of Canada has published a Risk Management Guide for Critical Infrastructure Sectors, developed numerous risk assessments for vital assets and systems, and conducted exercises to ensure that our plans will be effective in the event of a disruption or attack.
- The Government of Canada has also developed a catalogue of risk assessment methodologies, conducted site assessments, and launched a web-based Critical Infrastructure Gateway to facilitate ongoing dialogue among the critical infrastructure community.
- Recognizing that Canada and the United States are connected by critical infrastructure, Public Safety Canada and the United States Department of Homeland Security launched the Canada-United States Action Plan for Critical Infrastructure in 2010. This action plan sets out requirements and timelines for joint risk assessments and exercises to enhance the resilience of cross border systems and assets.
Canada's Cyber Security Strategy
- In 2010, the Government of Canada launched Canada's Cyber Security Strategy, which aims to secure Government of Canada systems, enhance partnerships with industry and other governments to protect vital systems, and help Canadians keep their personal information safe and secure.
- The Government of Canada recently invested $155 million over five years to reinforce federal government cyber security capabilities, expand the operational capacity of the Canadian Cyber Incident Response Centre, and improve the detection of and response to continually evolving cyber threats for the benefit of all Canadians.
- We have improved how we manage cyber incident response coordination and have clarified the roles and mandates for the Communications Security Establishment Canada and the Canadian Cyber Incident Response Centre to improve Canada's ability to identify, prevent, and mitigate cyber security incidents.
- In 2011, we introduced the Government IT Shared Services initiative to transform the way government manages IT telecommunications, desktop computer services, data centres, IT security services and Internet access points. By consolidating our information technology infrastructure under Shared Services Canada, we are making our information technology infrastructure more secure.
- Public Safety Canada launched Get Cyber Safe in 2011, the national public awareness campaign created to educate Canadians about Internet security and the simple steps individuals can take to protect themselves online. The campaign is a key component of Canada's Cyber Security Strategy.
Canadian Cyber Incident Response Centre (CCIRC)
Together with the private sector and first responder community, the Government of Canada is committed to sharing information on risks and threats to ensure that we are collectively prepared to address all threats to critical infrastructure, including cyber threats, terrorism, and natural disasters.
As Canada's computer security incident response team for non-government systems, CCIRC is Canada's national coordination centre for the prevention and mitigation of, preparedness for, response to, and recovery from cyber incidents.
CCIRC provides authoritative advice and support, and coordinates information sharing and incident response, in conjunction with its domestic and international partners to address high-level cyber security concerns.
A portion of the recently announced investment of $155 million over five years is allocated to CCIRC to:
- Expand collaboration with internal and external partners to improve incident response across Canada, and enhance the ability of government and its partners to maintain awareness of the cyber environment; and
- Strengthen analytical capability to improve mitigation advice and incident response for partners.
- Date modified: