It used to be that countries only had to defend their borders against attacks by land, by sea or by air.
Today, there’s a fourth way in which nations and its citizens can be attacked: via cyberspace.
As has been demonstrated in a number of high-profile incursions launched through the internet, such attacks can be difficult to defend against. And they seem to be proliferating. The RCMP says that in 2016, the agency received 24,000 reports of cybercrimes, representing a 58 per cent increase over the previous two years.
On a larger scale, there are increasing fears about the potential for foreign states or terrorist organizations to target a country’s electricity grids, banking services, hospitals and even election systems.
Canada’s federal government is taking the threat seriously by putting more than $500 million in new funding over the next five years toward a newly released cybersecurity strategy. The plan includes an assortment of initiatives aimed at providing better online protection for Canadian governments, businesses and citizens. It’s an update of a plan originally put forward by the Harper government in 2010 and comes from almost two years of consultations with experts from industry, academia and other areas.
Federal Public Safety Minister Ralph Goodale, in announcing the strategy Tuesday, said it focuses on doing three things — detecting cybercrime, deterring it and then prosecuting the perpetrators.
The strategy brings Canada’s various cybersecurity efforts in different federal departments together under one umbrella, the new Canadian Centre for Cyber Security. Scheduled to open in the fall, it will be located at the Communications Security Establishment.
One of the aims of the plan is to help the private sector, particularly small businesses, in better protecting themselves against cyber attacks. Officials indicate that small businesses were the victims of 71 per cent of all data breaches which occurred.
“They comprise a huge chunk of the Canadian economy,” Goodale said in a Canadian Press story. “And they are as interconnected as the rest of us to their suppliers upstream and to their customers downstream, so if they have a cyber problem, that whole network could be infected.”
The government admits Canada, like many other countries, has a shortage of “cyber-warriors” with the skills to tackle the problem. “A shortage of cybersecurity talent makes it difficult for organizations — including the federal government — to attract and retain the people they need to improve their cybersecurity or to disrupt cyberthreats,” says the new strategy.
While Goodale said the shortage is “a huge challenge,” he noted it also represents a huge opportunity. Canada’s cybersecurity industry already involves some 11,000 jobs and creates $1.6 billion in economic activity, and the government expects those numbers to grow.
However, a weakness in the government’s strategy is that is lacks a specific focus on skills training or funding to help grow the cybersecurity industry.
“It’s disappointing to see a lack of commitment to build Canada’s cyber sector,” Benjamin Bergen, executive director of the Council of Canadian Innovators, said in the Canadian Press story. “Cyber is the fastest-growing ICT sector in the world and domestic innovators present an opportunity for our government to grow our economy and deploy world-class technology solutions for protecting Canada’s digital borders.”
On the surface, the new strategy looks like a welcome addition, since there’s no question Canada needs to stay on top of the issue of protecting the country’s computer systems from cyber attacks. But the strategy will only work if sufficient resources are put toward the problem.
Cyber breaches are costly to all Canadians. Upgrading the country’s protection against invasions from cyberspace seems like a wise investment.