One of the country’s biggest IT lobby groups is trying to put hard numbers on the state of cyber security in Canada.
The cyber council of Canadian Advanced Technology Alliance (CATA) released a 30-point questionnaire Monday for C-level executives and managers to fill in gaps in data before it goes to Ottawa, the provinces and the private sector to marshal weapons in the war against cyber attackers.
The goal “is to raise the level of dialogue around cyber security in Canada,” Katherine Thompson, a CATA vice-president and chair of its cyber council, said in an interview. “Our council believes we need more active dialogue around the issue. We need to see more private and public sector collaboration.”
Missing are things like “what our labour really market looks like,” she said. There’s a shortage of skilled IT security talent, but there’s not a lot of data about how hard or easy organizations feel it is to recruit.
“Another area is the economic development side,” she added. “A lot of countries like the U.S., the U.K. and Israel have cyber security ambassadors who not only spread the mandate of the country as it relates to cyber security but also are looking to promote and elevate the profile of the SMBs in the country and what some of the innovation is. We don’t really have that.”
Survey questions include listing the barriers that prevent the timely and efficient sharing of cyber threat information in Canada, whether current laws and regulations restrict the sharing of cyber threat information, if the organization has an incident response team, it if is confident that it has the appropriate level of technology, people and processes to provide the required level of security for its operations and the data it holds, and rating Canada and government leaders’ level of commitment and leadership in cyber security.
Organizations have until mid-January to fill in the survey. It will be used to compile a white paper CATA will use at its forums and in lobbying the government. It has already put in a request to meet with new public safety minister Ralph Goodale.
“We’re seeing a lot of receptivity initially from the Trudeau administration as they recognize cyber security is an issue and there needs to be engagement with the public sector, Thompson said.
“Quite frankly the Harper administration had this philosophy that until cyber reaches the dinner tables of Canadians we’re not going to talk about it.” But, she said, average Canadians aren’t talking about cyber threats because they don’t understand the issue. There’s false sense of security in part because organizations don’t have to disclose data breaches, she said — although that will change when amendments to recently-passed legislation is proclaimed.
CATA’s cyber security council includes Peter Hammerschmidt, director general for national cyber security at Public Safety Canada; Gary Perkins CISO for British Columbia; John Proctor, vice-president of global cyber security at integrator CGI; Danny Timmins, CEO of security NCI, a Mississauga, Ont.- based cyber security consultancy; and Linda Calvert, a journalism professor at Toronto’s Seneca College.