Skip Ribbon Commands
Skip to main content

Can Business and Government Ensure Canada's Cyber Security?


​MNP's TAKE: As cyber attacks increase in both frequency and ferocity, the Canadian government needs to step up plans to deter intruders and protect vital data on national infrastructure – from individual’s information to banks to defence systems. A large part of this involves coordinating strategies between public and private enterprises, as well as taking a hard look at where dollars will be best spent to defend Canada’s national interests. The same approach applies to any business or organization: Are the various units of your business clearly aligned with your security strategy in a cohesive manner? And is your cyber security budget not only adequate, but used in the most effective manner?

Breaches of cyber security systems translate into financial and reputational losses as personal and corporate data become compromised or are held ransom. But there is no blanket solution that will protect every single aspect of your business, regardless of the size. Knowing what is critical to keep your enterprise running and what is most vulnerable to attack is key to building an effective defence program. Vulnerability assessments and penetration testing are two first steps in reviewing the effectiveness of your current cyber security stance.

To find out more, contact Danny Timmins, National Cyber Security Leader, at 905.607.9777 or [email protected] 


Business finds itself on the front lines of global conflict these days like never before. Consider the high-tech assault on Turkey’s banking system, which disrupted credit card transactions and online services last December in the midst of tensions with Russia. Or the computer systems breach at the Warsaw Stock Exchange in October, 2014, claimed by Islamic State. When there is geopolitical tension – it does not have to be a declared conflict – cyberattacks by state or state-sponsored organizations are now inevitable.

These attacks have two main purposes. The first is to inflict immediate damage, by disrupting services and stealing information.

The second, more pernicious, is to intimidate. And enterprises are not the only targets. There have been countless intrusions into the systems of government defence organizations and other departments in Europe and the United States in recent years.

Canadian businesses generally take this threat seriously and are investing significant resources to safeguard the integrity of their data. However, should we come under attack from foreign states, we expect our own government to have some role in protecting us against such attacks. It is imperative that Canada step up its game.

Prime Minister Justin Trudeau’s government has stated its intention to conduct an in-depth review of Canada’s defence strategy by the end of 2016. In light of the growing number of geopolitically motivated cyberattacks around the world, this important policy exercise must include cybersecurity as an integral component of defence strategy.

Canada needs a clear cybersecurity strategy. And it has to be accompanied by adequate funding to achieve our national objectives. The strategy must provide for strong co-ordination between Canadian government and business and an effective structure for marshalling the efforts of government agencies. Taking a cue from many countries, including nonmilitaristic ones such as Denmark and the Netherlands, we must not only harden our defences for better protection but also build an offensive capability that gives our government the ability to deter potential intruders. We also need to work closely with allies and, if appropriate, create new cyberalliances, an area in which Canada can take a leadership role.

We must not use scarce defence resources to spy on allies or target our own citizens. A robust control and governance structure is needed to ensure that efforts are focused, money is well spent and citizens’ privacy rights are respected.

The best cybersecurity strategy will protect Canadian interests only if supported by adequate means for execution, and this is admittedly a challenge in the current economic and budget environment. The defence review must, therefore, look at the allocation of funds between traditional defence systems and new threats. For example, hard questions need to be asked about whether the maintenance of a submarine fleet is still a judicious use of funds. The government should also assess the role that military reserve units can play in cybersecurity by attracting cybertalent, a category of recruit that may not be considered an appropriate fit under traditional military organizational culture.

The bottom line is that cybersecurity must be a strategic priority for Canada and we have to build the necessary capability to repel and deter cyberattacks. For this reason, the defence policy review is also the right forum to debate a related fundamental question: Who will be responsible for overall cybersecurity strategy at the government level going forward – Public Safety Canada or the Department of National Defence?

Historically, our geographic location has been a blessing, helping to keep Canada out of harm’s way. But this natural barrier cannot keep us safe in a digital world. Our defence strategy for the 21st century must absolutely take this stark reality into account.


This article was written by LOUIS VACHON from The Globe And Mail and was legally licensed through the NewsCred publisher network.