The federal government has developed a plan for security to address the prominence of cyber crime in Canada. The 2018 federal budget proposes to allocate $507.7 million over five years, followed by an annual amount of $108.8 million to fund the National Cyber Security Strategy. Furthermore, $201.3 million over five years followed by $43 million annually are allocated to create an RCMP cyber unit, outlined below, and to increase the capacity of federal cyber crime investigations.
The Communications Security Establishment (CSE), Canada’s national cryptologic agency, will expand its mandate on cyber security. The CSE, Canada’s foreign intelligence organization, will receive funding of $155.2 million over five years, and $44.5 million annually after that, to create the Canadian Centre for Cyber Security. The centre will be a source of “expert advice, guidance, services and support” on digital security and will aim to centralize the government’s operational cyber expertise. The RCMP will also set up a National Cybercrime Co-ordination Unit, funded by $116 million over five years, followed by an annual $23 million; the unit will attempt to centralize cyber security expertise and provide advice to law enforcement agencies.
Another reason the Canadian government is currently investing substantially on cyber crime is that digital attacks raise security concerns for municipalities that aim to use online voting in elections for the upcoming Ontario election in 2018, and the federal election in 2019.
Regarding the financial and business sectors, the federal government is also addressing security breaches and leaks of personal information by allocating $30 million over five years to the Canada Revenue Agency to protect personal and financial information. Small businesses are specific targets of cyber attacks which raise some of the following concerns:
Smaller organizations are easy targets because they have fewer resources dedicated to cyber security which results in taking longer to discover breaches. According to Small Business Trends, between 2011 and 2015, the percentage of total cyber attacks targeting small organizations increased from 15% to 43%.
There’s a lack of internal expertise at many smaller Canadian businesses. According to a 2016 study by the Ponemon Institute, the most common reasons for security deficiencies were the lack of personnel at 67%, and the absence of financial resources at 54%; consequently, small businesses are reactive rather than proactive regarding cyber breaches. This approach can result in increased turnover because employees fail to meet deadlines due to technology breakdowns.
One cyber attack may be all it takes to put a small Canadian firm out of business. According to a 2012 study by the National Cyber Security Alliance, 60% of small firms go out of business within six months after a data breach.
Overall, it remains to be seen how effectively the federal government will address pressing issues in cyber crime. The strategies to centralize security systems and create safeguards to strengthen cyber security should protect, among other things, upcoming elections and the operation of small businesses in Canada.
This blog post was written by a CCLA-PBSC RightsWatch student. Views expressed do not necessarily reflect the views of the CCLA or PBSC.