Almost $700 million is being spent in a move to shore up Canada’s national security, Ottawa announced last month.
While the largest amounts are destined to enhance marine security and intelligence capabilities ($308 million and $137 million respectively), information technology was not left out. To secure critical government information systems, $85 million has been set aside; $10.31 million will go toward implementing a biometric passport strategy; and $5 million to set up a taskforce to develop a national cyber-security strategy.
A senior policy advisor in Deputy Prime Minister Anne McLellan’s office said the money will be used to strengthen everything from government Web sites to databases to e-mail systems. “We are moving toward a government online, (so we are) more prone to cyber attacks.”
John Reid, president of the Ottawa-based Canadian Advanced Technology Alliance (CATA), is pleased overall with the government’s announcement, but said he was disappointed that “there isn’t any mention of the commercial opportunity that there is here. We would have liked to see that a little more explicit.”
The IT industry has been particularly hard hit during this recent economic slump, and Reid said CATA identified 700 Canadian companies that could provide products and jobs to help achieve Ottawa’s security plan. Not only that, but Canada exports a tremendous amount of technology to the U.S., where security is a top priority.
“So if we take progressive steps in creating a plan, that is very beneficial to the high-tech sector,” he said.
The $85 million is necessary for the government to overcome one of its biggest security hurdles — integration. Reid likes to use a switchboard analogy. “None of those buttons are connected together which means that you don’t understand fully what your exposure and risks are,” he said. “So it is a significant IT investment to integrate those systems.”
Reid said Canada is not alone in its security vulnerability predicament. “It is not only a criticism of Canada, it is basically a criticism of most countries where you tend to have fiefdoms as opposed to integration.”
That these IT security issues are only being addressed now was less of a concern for Bill Munson than the fact they are finally on the table. “Yeah, it is a long time in coming. But the good news is that it is here. What’s past is past,” said the director of policy with the Mississauga, Ont.-based Information Technology Association of Canada (ITAC).
The national cyber-security strategy, though Canada-specific and involving both the public and private sector, will be released within a year.
“We need to have a cyber-security strategy for the country,” the McLellan spokesperson said. “There are officials who are monitoring cyber security but we recognize a lot more has to be done and this is why we want to formalize the process to have a national cyber-security strategy.”
Both Reid and Munson said it is necessary to use international contacts to make the cyber-security strategy work since a nationally limited focus, in the era of cyberspace, is of little use.
“You want to build on [an] international architecture, so the mandate of the task force would have to have a pretty significant international component,” Reid said.