The previous Conservative one certainly wasn’t:
I doubt the new Liberal one will be any better unless something really disastrous or super-embarrassing happens. Nonetheless see these tough words from a top Canadian banker (buried in the Globe and Mail’s business section, natch):
Can business and government ensure Canada’s cybersecurity?
Louis Vachon is chief executive officer of National Bank of Canada
Canadian businesses generally take this threat seriously and are investing significant resources to safeguard the integrity of their data. However, should we come under attack from foreign states, we expect our own government to have some role in protecting us against such attacks. It is imperative that Canada step up its game.
Prime Minister Justin Trudeau’s government has stated its intention to conduct an in-depth review of Canada’s defence strategy by the end of 2016 [more here]. In light of the growing number of geopolitically motivated cyberattacks around the world, this important policy exercise must include cybersecurity as an integral component of defence strategy.
Canada needs a clear cybersecurity strategy. And it has to be accompanied by adequate funding to achieve our national objectives. The strategy must provide for strong co-ordination between Canadian government and business – there has been significant progress on this front – and an effective structure for marshalling the efforts of government agencies. Taking a cue from many countries, including non-militaristic ones such as Denmark and the Netherlands, we must not only harden our defences for better protection but also build an offensive capability that gives our government the ability to deter potential intruders [emphasis added, quite a stretch for the current government one would think; see also: “Aussie Offensive Cyber War Capability–and Canada’s CSE?…“; “Souping Up US Cyber Command“]…
The best cybersecurity strategy will protect Canadian interests only if supported by adequate means for execution, and this is admittedly a challenge in the current economic and budget environment. The defence review must, therefore, look at the allocation of funds between traditional defence systems and new threats. For example, hard questions need to be asked about whether the maintenance of a submarine fleet is still a judicious use of funds [good point!]. The government should also assess the role that military reserve units can play in cybersecurity by attracting cybertalent, a category of recruit that may not be considered an appropriate fit under traditional military organizational culture.
The bottom line is that cybersecurity must be a strategic priority for Canada and we have to build the necessary capability to repel and deter cyberattacks. For this reason, the defence policy review is also the right forum to debate a related fundamental question: Who will be responsible for overall cybersecurity strategy at the government level going forward – Public Safety Canada or the Department of National Defence?..
Right now Public Safety has the lead (but note the hodge-podge) and I can’t see this government switching it–though CSE, which is under the Minister of National Defence, might be given a greater role. The Canadian Forces do have a “Director General, Cyber, a unit within Chief of Force Development tasked to develop the military’s future cyber capabilities.”; but that sure ain’t much to build on.