House Standing Committee on National Defence (NDDN) Supplementary Estimates B 2023-24 - December 7, 2023

Table of contents

 

Appearance details

Date: Thursday, December 7, 2023
Location: TBC
Time: 3:30 – 5:30 pm

Appearing:

  • Bill Blair
    Minister of National Defence
  • Caroline Xavier
    Chief, Communications Security Establishment
  • Hughes St-Pierre
    Assistant Deputy Minister, Corporate Services and Chief Financial Officer, Communications Security Establishment
  • Bill Matthews
    Deputy Minister, Department of National Defence
  • Cheri Crosby
    Chief Financial Officer, Department of National Defence
  • Nancy Tremblay
    Assistant Deputy Minister (Materiel) Department of National Defence

Details:
The Minister of National Defence will appear (for the first hour only) alongside senior departmental officials to speak on the Supplementary Estimates B 2023-24.

 

Key highlights and prep material

Key topics and media lines

Key topics - high-level

  • As Canada’s national cyber security and foreign signals intelligence agency, CSE has unique technical and operational capabilities.
  • The Communications Security Establishment Act (the CSE Act) sets out five aspects of our mandate: cyber security and information assurance; foreign intelligence; defensive cyber operations; active cyber operations; and technical and operation assistance. We use our technical expertise in all five aspects of our mandate. We do so to keep Canadians safe and secure.
  • CSE’s foreign signals intelligence program provides Canada’s senior decision-makers with insights into the activities, motivations, capabilities, and intentions of foreign adversaries, and the international readiness and foreign reactions to a variety of diverse global events.
  • CSE’s intelligence reporting also identifies hostile state activities, and the CSE Act authorizes us to assist the Department of National Defence and the Canadian Armed Forces.
  • We support Canadian military operations and protect forces deployed abroad through advanced cyber techniques. For example, CSE could protect Canadian forces by disrupting an adversary’s ability to communicate or providing intelligence regarding an imminent threat.
  • The CSE Act gives CSE the legal authority to conduct cyber operations to disrupt foreign-based threats to Canada. This includes active cyber operations to degrade, disrupt, respond to, or interfere with the capabilities, intentions or activities of foreign individuals, states, and organizations.
  • If there are reasonable grounds to believe that a foreign state or actor constitutes a threat to the security of Canada and/or Canadian military forces, we are prepared to take appropriate action to address the threat.
  • We continue to provide the Government of Canada with the most comprehensive information available related to Canada’s intelligence priorities, directly furthering Canadian safety, security, and prosperity.
  • CSE is responsible for handling sensitive and highly classified information. We take this responsibility very seriously to ensure our standards are upheld and our intelligence is well protected. Due to the nature of our work, we can’t discuss highly sensitive operational matters or intelligence in public, but rest assured we are defending Canadians and the Government of Canada every day.
  • With the approval of Supplementary Estimates B, CSE’s 2023-24 budgetary authorities will total $1,000.1M, including EBP costs.
  • CSE’s 2023-2024 Main Estimates are $965.9M, a net increase of $167.4M from the 2022-23 Main Estimates of $798.5M.
  • CSE’s 2022-2023 budget is $948 million, total authorities.

Protecting telecommunications

  • CSE works closely with federal partners and Canadian telecommunications service providers (TSPs) to help keep networks secure.
  • Evolving 5G technology will be able to support much faster connectivity and more powerful functions. However, there is also much greater scope for threat actors to exploit those networks.
  • In May 2022, the Government of Canada announced its intention to prohibit Huawei and ZTE products and services on Canadian 5G networks due to security concerns.
  • In June 2022, CSE outlined how we would evolve our Security Review Program related to this change.
    • Since 2013, the SRP has worked with Canadian TSPs to mitigate cyber security risks on their networks. This has involved reviewing products and services from designated suppliers, including Huawei and ZTE. As a result, certain products were restricted from sensitive functions on Canadian telecommunications networks.
  • Under the new Telecoms Cyber Resilience Program, CSE continues to work with Canadian TSPs to help them mitigate cyber security and supply chain risks. The program now considers all key suppliers and includes a new focus on network resilience.

Recruitment and retention

  • The Communications Security Establishment (CSE) is an employer of choice – we are fortunate that many talented people choose to work with us. Each year CSE receives on average, 10,000 to 15,000 applications from applicants with diverse skill sets and cultural backgrounds.
  • Over the past several years, CSE has experienced continued and sustained growth. Since 2019, our workforce has grown from approximately 2600 employees to 3,232 full-time employees as of March 31, 2023. We believe that this growth, combined with our comparatively low attrition rate reflects the positive work environment, employee development and support programs we have in place.
  • CSE has also been recognized as a Top Employer in 2020, 2021, 2022, and 2023, as well as one of Canada’s Top Employer for Youth for the past 7 years in a row.
  • CSE has a very low attrition rate, but we do have employees who choose to pursue opportunities outside the CSE. No organization has a zero percent attrition rate, nor would they want it. We value the contribution of all employees; no matter how long they stay with us.
  • CSE employees are amongst the smartest and most talented people in their fields. Their unique skillsets are in high demand and there are opportunities for them outside of CSE.
  • There was a slight rise in the number of employees leaving during and post-pandemic, but our overall numbers are still very low.

Distributed Denial of Service (DDoS)

  • The Communications Security Establishment (CSE) and its Canadian Centre for Cyber Security (Cyber Centre) have received reports of several distributed denial of service campaigns, also known as DDoS attacks, targeting the Government, provinces and territories, as well as the financial and transportation sectors.
  • [Ukrainian presidential visit to Canada] On Friday, September 22, 2023, CSE issued a warning urging the Canadian cyber security community especially the operators of government and critical infrastructure web sites to adopt a heightened state of vigilance, and to bolster their awareness of and protection against malicious cyber threats.
  • CSE observed that it’s not uncommon to see increased distributed denial of service (DDoS) campaigns against NATO countries that support Ukraine, or host visits from Ukrainian government officials.
  • On Friday, September 15, 2023, the Canadian Centre for Cyber Security (Cyber Centre) published a statement and a cyber alert on Cyber.gc.ca warning Canadians of several distributed denial of service (DDoS) campaigns targeting the Government of Canada, provinces and territories, as well as the financial and transportation sectors.
  • CSE and the Cyber Centre are continuously monitoring the threats from state sponsored threat actors, especially China, Russia, North Korea and Iran.
  • CSE continues to monitor Russia-backed cyber actors and share threat-related information with Canadians and Canadian organizations in a timely basis.
  • The Government of Canada has systems and tools in place to monitor, detect and investigate potential threats, and takes active measures as required. CSE continues to work with its cyber security partners to ensure the Government’s networks and infrastructure are well defended against cyber threats.

Foreign interference

  • Canadians should be aware about covert and deceptive activities conducted by foreign states, including the People’s Republic of China and its ruling Chinese Communist Party, with the intent to influence the results of democratic elections at all levels of government in Canada. Although Canada’s electoral system is strong, foreign interference can erode trust and threaten the integrity of our democratic institutions, political system, fundamental rights and freedoms, and ultimately, our sovereignty.
  • Although CSE was the Chair of the SITE Task Force for the 2019 and 2021 federal elections, CSE, CSIS, the RCMP, and Global Affairs Canada are individually responsible to investigate and respond to any instances of foreign interference activity that fall under their specific departmental mandates.
    • SITE Task Force partners advised and contextualized information that was presented to the Panel; however, it is their decision in terms of whether the information meets the threshold make a public statement.
  • CSE cannot speak to what types of classified information (or the details) that was shared with the political parties, the Privy Council Office, or the Panel for security reasons. This same restriction applies to those members of the political parties cleared to receive information/briefings from SITE.

Threats to elections

  • CSE recently published its 2023 Update on Cyber Threats to Canada’s Democratic Process. This document provides an update to the 2017, 2019 and 2021 reports released by CSE. Some of the key findings include:
    • Cyber threat activity targeting elections is on the rise worldwide, with over a quarter of national elections affected in 2022.
    • In line with global trends, cyber threat activity is more likely to happen during Canada’s next federal election than it was in the past. However, Canada remains a lower-priority target for cyber threat activity than some of its allies, like the US or the UK.
    • Threat actors are increasingly using AI to create, spread and amplify disinformation. It is very likely that foreign adversaries or hacktivists will use generative AI to influence voters ahead of Canada’s next federal election.
    • Increased tensions between Canada and a hostile state in the run-up to a national election would very likely lead to cyber threat activity, including online influence campaigns enabled by cyber compromises.
    • It is unlikely that sensitive information held by Elections Canada will be compromised by cyber threat actors and unlikely that cyber activity will disrupt voting infrastructure in a national election.

Ukraine/Geopolitical events

  • The Government of Canada’s cyber defence team, including CSE, is constantly reviewing measures to ensure our systems and information networks remain secure. We have tools in place to monitor, detect, and investigate potential threats, and to take active measures to address them.
  • We can confirm that CSE has been tracking cyber threat activity associated with the current crisis. CSE has been sharing valuable cyber threat intelligence with key partners in Ukraine and continues to work with the Canadian Armed Forces (CAF) in support of Ukraine.
  • CSE’s Cyber Centre continues to monitor the cyber threat environment in Canada and globally, including cyber threat activity directed at critical infrastructure networks, operational and information technology (OT/IT). Since March 2022, we have issued reminders, alerts, and cyber bullets to remind the Canadian cyber security community to adopt a heightened state of vigilance and bolster awareness and protection against malicious cyber threats.
  • CSE is aware of an increase in Russian state-aligned hacktivist groups seeking to Ukraine and its allies.
  • We remind Canadian critical infrastructure operators and defenders to be aware of the risks and take mitigations against known Russian-backed cyber threat activity. Now is the time to take defensive action and be proactive in network monitoring and applying appropriate mitigations.
  • In addition to public advisories, the Cyber Centre continues to share valuable cyber threat information with Canadian critical infrastructure partners via protected channels. This information includes indicators of compromise, threat mitigation advice, and confidential alerts regarding new forms of malware, and other tactics, techniques, and procedures being used to target victims.

Indo-Pacific Strategy

  • Budget 2023 announced $29.7M over five years for The Communications Security Establishment (CSE) to increase Canada’s foreign intelligence support to government partners in defence and security in the Indo-Pacific.
  • In addition, CSE’s Canadian Centre for Cyber Security (Cyber Centre) will expand its delivery of cyber security advice and guidance to partners and stakeholders in the region.
  • As stated by the Minister of National Defence, “Canada will continue to pursue partnerships with India on matters of trade, defence, and immigration, while the investigation into allegations continues.”
  • It would be inappropriate for a senior public servant to comment further on matters unrelated to cyber security.

India

  • CSE leverages all aspects of its mandate to counter hostile state activity. We work closely with federal partners and international allies to defend Canada’s interests, in accordance with our mandate and authorities.
  • CSE can neither confirm nor deny any specific operations, capabilities, or targets for operational security reasons. However, Canadians can be assured that CSE’s foreign signals intelligence provides Canada’s decision-makers with actionable insights on a range of foreign-based threats, including the activities of hostile states, cybercriminals, and violent extremists.

Cyber threats to critical infrastructure

  • CSE and its Canadian Centre for Cyber Security (Cyber Centre) continue to monitor for any developing cyber threats and share threat-information with our partners and stakeholders to help prevent incidents.
  • As noted in the 2023-24 National Cyber Threat Assessment, we are concerned about the opportunities for critical infrastructure disruption, particularly about Internet-connected Operational Technology (OT) that underpins industrial processes. Internet-connected OT increases the threat surface of the organizations that employ it and increases the opportunity for cyber threat activity to have effects in the physical world.
  • CSE, through the Cyber Centre, have been in contact with critical infrastructure operators to ensure they are aware of cyber threats related to geopolitical tensions. CSE continues to monitor Russia-backed cyber actors and share threat-related information with Canadians and Canadian organizations in a timely basis.
  • Recently, the Cyber Centre issued a Cyber Flash to partners. It noted that we had a confirmed report where a cyber threat actor had the potential to cause physical damage to Canadian critical infrastructure. As the prime minister said, we can report there was no physical damage to any Canadian energy infrastructure. But make no mistake: the threat is real.
  • We remain deeply concerned about the threat to critical infrastructure and urge critical infrastructure owners and operators to get in touch with us to work together to protect their systems.

Cyber security and recent cyber incidents

  • Recent geopolitical events and incidents of cybercrime have elevated the potential risk of cyber threats, as outlined in the 2023-2024 National Cyber Threat Assessment (NCTA).
  • CSE continues to publish advice and guidance to help organizations be less vulnerable and more secure. CSE works with industry partners, including government and non-government partners, to share threat information and cyber security best practices.
  • Ransomware poses a threat to Canada’s national security and economic prosperity. Threat actors will typically compromise a victim, encrypt their data, and demand ransom to provide a decryption key. Data stolen during a ransomware attack almost certainly enables further cyber threat activity from a range of actors. Threat actors can also leverage sensitive business information to support commercial espionage.
  • The Government of Canada is working to reduce the threat of ransomware by targeting and disrupting cybercriminals, coordinating strategies with international allies and by issuing advice, guidance, and services for those affected by ransomware.
  • Cyber security is a whole-of-society concern, and the federal government works together with other jurisdictions, small-and-medium enterprises as well as critical infrastructure owners and operators to raise Canada’s cyber security bar.

Bill C-26

  • The Government of Canada is taking action to protect vital services and systems that Canadians rely on every day, such as telecommunications services and financial, energy and transportation systems. To do this, the proposed legislation addresses the protection of Canada’s critical cyber systems that underpin those services and systems and expands upon the existing cyber security efforts of critical cyber systems operators, while enhancing collaboration between the federal government and private sector entities.
  • In line with the National Cyber Security Strategy, the role of CSE and its Canadian Centre for Cyber Security (Cyber Centre) would be to provide technical cyber security expertise. Importantly, CSE would not receive any new authorities as part of Bill C-26.
  • In support of Part 2 of Bill C-26, the Critical Cyber Systems Protection Act (CCSPA), CSE would leverage its existing mandate under the Communications Security Establishment Act (CSE Act) for cyber security and information assurance to provide technical advice and guidance to:
    • Operators designated under the CCSPA,
    • Regulators named in the CCSPA in support of their duties and functions,
    • Lead departments and their ministers, and
    • To the Minister of Public Safety in the exercise of his or her powers and functions under the CCSPA.
    • CSE would also receive reports of cyber security incidents and would provide these reports (or a subset thereof) to regulators, upon request.
  • CSE is prohibited by law from targeting the private information of Canadians or any person in Canada – this is spelled out in the CSE Act. We take our responsibility to protect Canadian privacy very seriously.
  • CSE operates under a robust system of independent oversight including the Intelligence Commissioner, NSIRA, and NSICOP.

CSE – Other facts

  • Since 2014, CSE and the Government of Canada have officially attributed 12 cyber incidents to nation-state and state-affiliated actors.
  • CSE’s automated defences protect the Government of Canada from over 6 billion malicious actions a day.
 

Potential questions and answers

Funding

1. What funding is CSE receiving in the 2023-24 Supplementary Estimates B?
  • CSE’s 2023-24 Supplementary Estimates (B) includes a net funding increase totaling $15.2M, including Employee Benefit Plan (EBP) costs, associated with four Treasury Board (TB) Submissions and seven Interdepartmental transfers.
    • With the approval of SEB, CSE’s 2023-24 budgetary authorities will total $1,000.1M, including EBP costs.
2. What Treasury Board Submissions or re-profile is CSE seeking funding for in these Estimates?
  • Funding for the ongoing operation of the Canadian Centre for Cyber Security ($13.0M ($10.8M plus $2.2M EBP)).
    • This consists of personnel funding only, [redacted].
  • Funding for government advertising programs ($1.5M); and
  • Funding to enhance national security through an academic research initiative ($1.4M ($1.2M plus $0.2M EBP)).
  • CSE is also seeking a re-profile of existing funding for the Interim Quantum Safe Capability project ($1.6M).
3. What interdepartmental transfers will CSE be a party to in the 2023-24 Supplementary Estimates B?
  • From Shared Services Canada to CSE ($1.8M)
  • From Department of Finance to CSE ($0.1M)
  • From CSE to Treasury Board Secretariat (2 transfers totaling $25K)
  • From CSE to Canadian Security Intelligence Service ($0.3M)
  • From CSE to Department of Foreign Affairs, Trade and Development (2 transfers totaling $3.9M)
4. How will these funds continue to contribute to Canada’s cyber security?
  • CSE will use these funds to continue operationalizing its mandate and authorities under the Communications Security Establishment Act.
    • This includes the cyber security and information assurance aspect of CSE’s mandate, which allows the organization to identify, prepare for, and defend against the most severe and persistent cyber threats against Canada’s computer networks and systems, including critical infrastructure.
  • These funds will ensure CSE is best positioned to act against malicious cyber actors working to take advantage of Canadians.
5. How does the Government evaluate how much we are spending on cyber security and whether it is enough funding? How do we know it is enough?
  • Like all Government of Canada departments and agencies, CSE has performance measurement indicators to evaluate the effectiveness of its programs.
  • Performance measurement is very important in the stand up the new Cyber Centre and as we look to fully integrate the functions of other government departments, including Shared Services Canada and Public Safety.
  • More broadly, the Government of Canada’s National Cyber Security Action Plan for 2019-2024 provides a whole of government roadmap for how to implement the three major goals identified in the 2018 National Cyber Strategy. For CSE, the Action Plan includes several CSE-led initiatives.

CSE mandate and authorities

6. What is the mandate of CSE?
  • CSE is the national signals intelligence agency for foreign intelligence and the technical authority for cyber security and information assurance.
  • The Communications Security Establishment Act (the CSE Act) sets out the five aspects of our mandate:
    • Cyber security and information assurance: CSE acquires, uses, and analyzes information from the global information infrastructure, or from other sources, to provide advice, guidance and services to help protect electronic information and information infrastructures.
    • Foreign intelligence: CSE acquires, covertly or otherwise, information from or through the global information infrastructure, to provide foreign intelligence, in accordance with the Government of Canada’s intelligence priorities.
    • Defensive cyber operations: CSE carries out activities on or through the global information infrastructure to help protect electronic information and information infrastructures that are of importance to the Government of Canada.
    • Active cyber operations: CSE carries out activities on or through the global information infrastructure to degrade, disrupt, influence, respond to or interfere with the capabilities, intentions or activities of a foreign individual, state, organization or terrorist group as they relate to international affairs, defence or security; and
    • Technical and operational assistance: CSE provides technical and operational assistance to federal law enforcement and security agencies, the Canadian Forces, and the Department of National Defence.
  • The Communications Security Establishment (CSE) is committed to pursuing the objectives of equity and inclusion. Building an equitable, diverse, and inclusive environment at CSE is essential and is part of its obligation to Canadians.
  • As a security and intelligence organization, promoting diversity at CSE allows the workplace to integrate broad perspectives, experiences, and worldviews into its operations. As a result, individuals can pursue CSE’s mission in a nurturing and welcoming environment.
  • Working with equity-deserving groups both inside and outside of CSE on the promotion of equity, diversity and inclusion will enable CSE to evolve its processes, operations and policies in a manner that serves all Canadians effectively.
  • In effort of working towards reconciliation, CSE continues to participate in the Government of Canada’s IT Apprenticeship Program for Indigenous Peoples, a program that matches First Nations, Inuit and Métis candidates to help them build the skills they need for an IT career in the federal public service.

CSE 2022-23 annual report

7. What are the key takeaways from CSE’s annual report?
  • From 2022 to 2023, CSE produced over 3,000 foreign intelligence reports to alert and inform the Government of Canada about foreign-based threats and global events affecting Canada.
  • From 2022 to 2023, CSE’s Cyber Centre responded to 2,089 cyber security incidents affecting federal institutions (957) and critical infrastructure partners (1,132).
  • In 2022, CSE received 4 Ministerial Authorizations to carry out foreign cyber operations.
  • In 2022, CSE’s Cyber Centre published a new National Cyber Threat Assessment which identifies key trends in the cyber threat landscape.
  • CSE’s automated defences protected the Government of Canada from 2.3 trillion malicious actions, an average of 6.3 billion a day.
  • CSE’s 2022 to 2023 total budget was $948 million and consists of 3,232 full-time, permanent employees.

Canadian Centre for Cyber Security (Cyber Centre)

8. What is the mandate of the Canadian Centre for Cyber Security?
  • Defend Government of Canada networks and designated systems of importance.
  • Advise and assist other levels of government and the operators of Canada’s critical infrastructure, such as banks, telecommunications companies and other companies that are essential for the functioning of our society and economy.
  • Offer simple and effective tips that all Canadians can use to help keep themselves safer online.
  • The Cyber Centre raises Canada’s collective cyber security bar so Canadians can live and work online safely and with confidence.
  • CSE works closely with:
    • Federal government departments
    • Provinces, territories, and municipalities
    • Critical infrastructure
    • Canadian businesses
    • Academics
    • International partners

National Cyber Threat Assessment Report

9. What is the National Cyber Threat Assessment report? What information does it include?
  • Every two years, the Cyber Centre publishes an unclassified threat report outlining the greatest cyber threats that Canadians are likely to face in the coming years.
  • The key judgements in this report are based on reporting from multiple sources, including classified and unclassified information. The judgements are based on the Cyber Centre’s knowledge and expertise in cyber security and informed by CSE’s foreign intelligence mandate, which provides us with valuable insights on cyber threat activity around the world.
  • The National Cyber Threat Assessment highlights four key observations:
    • First, cybercrime is the most likely threat to impact Canadians now and in the years ahead.
    • Second, cybercriminals often succeed in their work because they exploit human and social behaviours.
    • Third, ransomware directed against Canada will almost certainly continue to target large enterprises and critical infrastructure providers; and
    • Finally, while cybercrime is the main threat, state-sponsored cyber programs of China, Russia, North Korea, and Iran pose a strategic threat to Canada.
10. The National Cyber Threat Assessment points to state-sponsored activities of China and Russia, as well as a few other countries, specifically. What is CSE doing to protect Government of Canada networks from these threats?
  • CSE is the primary centralized voice and resource for senior leadership in Government on cyber security operational matters, including incident management, situation awareness, and technical advice and guidance.
  • CSE defends Government of Canada cyber systems and respond to significant cyber security threats and incidents to reduce and mitigate harm to the Federal Government.
  • CSE is a central resource for Government of Canada departments in support of their roles within their sectors.

5G and Huawei

11. Why did it take Canada so long to make a decision on Huawei?
  • The Government of Canada takes the security of Canada’s telecommunications system very seriously and will continue to promote secure and resilient Canadian networks.
  • CSE’s priority is making sure Canada’s telecommunications networks are protected in this next generation of online interconnectivity.
  • That is why CSE is working with partners both domestically and internationally to find ways to increase the security of the telecommunication networks that Canada relies on.
  • Decisions regarding regulation of Canada’s telecommunications networks are better directed to ISED.
12. Does CSE have any concerns about the social media app TikTok or WeChat?
  • CSE's Cyber Centre is not a regulatory agency and as such does not endorse or ban social media applications.
  • It is important for Canadians to adopt good cyber security practices – which CSE shares on the cyber.gc.ca website.
  • We also encourage Canadians to consider the information they’re being asked to give up through the permissions requested by the app, as well as where the app’s servers are located. If the servers are in a foreign country, that country’s laws apply to your data.

New:

  • CSE and the Cyber Centre provide advice and guidance to the Chief Information Officer (TBS) and other government partners on a regular basis.
  • The Cyber Centre was part of the Government of Canada’s discussions regarding the decision to ban TikTok.
  • The Cyber Centre does not decide or recommend what applications or software should be banned; rather, the Cyber Centre evaluates risk as high, medium, or low and advises government partners and client on any required mitigations.

Cyber security

13. What support has CSE provided in response to recent cyberattacks?
  • The Communications Security Establishment (CSE) continues to monitor the cyber threat environment, including cyber threat activity directed at critical infrastructure networks.
  • CSE’s Cyber Centre has alerted Canadian critical infrastructure operators to evolving cyber threats to help make them aware of the risks. The Cyber Centre has also provided expert advice and tailored mitigation tips against cyber threat activity, for example the Ransomware playbook and Security considerations for critical infrastructure.
  • The Government of Canada has systems and tools in place to monitor, detect, and investigate potential threats, and to take active measures to address and neutralize them when they occur. These systems and tools allow the Cyber Centre to share real-time threat information with critical infrastructure stakeholders.
  • Another way that the Cyber Centre contributes to improving the cyber security ecosystem is by releasing some of its cyber defence tools to the open-source community, such as Assembly Line which is a malware detection and analysis tool.
  • If Canadian companies have been impacted by any cyber threats, they are urged to contact CSE’s Cyber Centre.
  • The Communications Security Establishment (CSE) and its Canadian Centre for Cyber Security (Cyber Center) have received reports of several distributed denial of service campaigns, also known as DDoS attacks, targeting the Government, provinces and territories, as well as the financial and transportation sectors.
  • On Friday, September 15, 2023, the Canadian Centre for Cyber Security (Cyber Centre) published a statement and a cyber alert on Cyber.gc.ca warning Canadians of several distributed denial of service (DDoS) campaigns targeting the Government of Canada, provinces and territories, as well as the financial and transportation sectors.
  • The Government of Canada has systems and tools in place to monitor, detect and investigate potential threats, and takes active measures as required. CSE continues to work with its cyber security partners to ensure the Government’s networks and infrastructure are well defended against cyber threats.
14. What is the estimated cost of a cyber incident that impacts the Government of Canada?
  • We do not centrally track the cost of protecting Government of Canada systems and networks from cyber threats.
  • It is difficult to determine the cost as:
    • Cyber security and information assurance is one part of our five-part mandate.
    • We work collaboratively with Shared Services Canada, the Treasury Board Secretariat – Office of the Chief Information Officer, and IT specialists in each department and agency.
  • The cost of an incident – whether that is the loss of Canadians’ personal data, a loss of research and other valuable information held by the government, or a full shutdown due to ransomware – would be significantly higher than the world-class protections put in place by CSE’s Canadian Centre for Cyber Security.

Cyber operations

15. Does CSE conduct foreign cyber operations?
  • CSE may use active and defensive cyber operations to defend Canada or take online action against foreign cyber threats.
  • This authority can also be used to defend systems designated by the Minister of National Defence as being of importance to the Government of Canada, such as:
    • Energy grids
    • Telecommunications networks
    • Healthcare databases
    • Banking systems
    • Elections infrastructure
  • Defensive and active cyber operations must be authorized by the Minister of National Defence. Cyber operations must not:
    • Target Canadians or anyone in Canada
    • Interfere with the course of justice
    • Interfere with the course of democracy
    • Cause death or bodily harm, either deliberately or by criminal negligence

State-sponsored actors

16. Are Chinese or Russian state-sponsored actors attempting to disrupt Canadian critical infrastructure?
  • Canada has previously attributed malicious cyber activity to both China and Russian state-sponsored actors.
  • Furthermore, CSE has assessed that the state-sponsored programs of China, Russia, Iran, and North Korea continue to pose the greatest strategic cyber threat to Canada for the foreseeable future (NCTA 2023-2024).
  • CSE has also assessed that it’s very likely that state-sponsored actors are attempting to develop capabilities that could disrupt critical infrastructure, such as the supply of electricity. The Cyber Centre published a cyber threat bulletin on the cyber threat to Canada’s electricity sector in 2023.
  • These actors may also continue to target our critical infrastructure to collect information, position for future activity or attempt to intimidate Canadians.
  • This is why it is so important for Canadians and Canadian organizations to remain vigilant and secure their networks and systems. Cyber resiliency is more important than ever, and the Cyber Centre is here to help.
  • However, we assess that state-sponsored cyber threat actors will very likely refrain from intentionally disrupting or destroying Canadian critical infrastructure in the absence of direct hostilities. Adopting cybersecurity best practices goes a long way to offsetting risks of exploitation by any cyber threat actor.
17. The National Cyber Threat Assessment points to state-sponsored activities of China and Russia, as well as a few other countries, specifically. What is CSE doing to protect Government of Canada networks from these threats?
  • CSE is the primary centralized voice and resource for senior leadership in Government on cyber security operational matters, including incident management, situational awareness, and technical advice and guidance.
  • CSE defends Government of Canada cyber systems and respond to significant cyber security threats and incidents to reduce and mitigate harm to the Federal Government.
  • CSE is a central resource for Government of Canada departments in support of their roles within their sectors.
18. What is CSE doing in relation to the Russian Invasion of Ukraine and Russian Cyber Threats to Canada
19. What has CSE done in relation to Russian disinformation campaigns?
  • Based on its intelligence reporting, CSE has observed numerous Russian-backed disinformation campaigns online designed to support their actions.
  • CSE observed coordinated efforts by Russia to create and spread disinformation. For example, controlled media outlets were directed to include doctored images of Canadian Forces Members on the front line and false claims about Canadian forces committing war crimes.
  • CSE shared this information on social media as part of the Government of Canada’s efforts to help inform Canadians on how to help stop the spread and protect themselves from disinformation.
  • CSE continues to provide the Government of Canada with the most comprehensive information available related to Canada’s intelligence priorities, directly furthering Canadian safety, security, and prosperity.

Bill C-26 and Bill C-27

20. How will Bill C-26 strengthen government-industry collaboration?
  • When it comes to strengthening cyber security, the interests of governments and industry are very much aligned.
  • Through engagements such as this, government and industry are already working together to build resilience against cyber threats and protect our critical infrastructure.
  • But there is more that can be done, building on our collaborative efforts and successes, and finding new ways to strengthen our partnerships.
  • This proposed legislation is intended to strengthen collaboration and cyber threat information sharing between the private sector and government.
  • By improving the Government’s visibility into cyber threats and vulnerabilities targeting critical infrastructure, we can in turn, disseminate guidance and advice, sharing valuable information about threats and compromises, with CI sectors and operators.
21. The energy sector already has extensive regulatory requirements for cyber security (e.g. NERC CIP standards, CSA standards, regulations), how will CCSPA avoid duplication with these requirements?
  • The CCSPA relies on regulations for implementing the Act and will provide added specificity to the legislation to ensure harmonization and avoid overlap and duplication across sectors and jurisdictions.
  • The legislation was intentionally drafted to allow for consultations with government and industry stakeholders, as this was deemed crucial in developing a regulatory regime.
  • After Royal Assent, the Government will take a pragmatic, active and engaged partnership approach, consulting with governments and industry on the regulations necessary for implementing the CCSPA.
  • We will work with industry and regulators to examine ways to reduce regulatory duplication and consider the cumulative impacts of regulations on industry stakeholders.
  • Existing regulatory frameworks, standards and best practices will be considered during regulation development to avoid duplication for jurisdictions and sectors that already have cyber regulations and standards in place.
22. Why is mandatory reporting under CCSPA required? Why not continue to build on the relationships built through a voluntary approach (e.g., Lighthouse, Blue Flame)?
  • The new requirement for designated operators to report cyber incidents would provide the Government with invaluable insight into the cyber threat landscape in Canada. In turn, increased information sharing about threats will allow industry to take appropriate action to better protect their critical infrastructure.
  • Information received through mandatory incident reporting would be analyzed by CSE’s Cyber Centre and could be aggregated with other reports and information to:
    • provide designated operators with technical advice and guidance to respond to and recover from cyber incidents;
    • warn, without delay, other energy sector operators; and
    • inform Canadians of cyber security risks and trends, without disclosing confidential information.
  • The form and manner for reporting cyber incidents, including thresholds, report contents and timelines will be determined in regulations in consultation with industry.
  • Most importantly, for CCSPA to achieve its objective, it is imperative that incident reporting come into the CSE’s Cyber Centre because it is uniquely positioned to assess this reporting against its classified and unclassified data and provide technical advice and guidance to Canadians and Canadian businesses.
23. How are you engaging with provincial and territorial partners for CCSPA given FPT jurisdiction in the energy sector?
  • The introduction of the CCSPA presents a great opportunity to demonstrate Government leadership towards national reach on cyber security.
  • The Government is working closely with provinces and territories to discuss how to better protect Canada’s cyber systems through a comprehensive, collaborative Canadian cyber security protection framework.
  • Importantly, this legislation can serve as a model for provinces, territories, and municipalities to help secure critical infrastructure outside federal jurisdiction.
  • The CCSPA will complement existing provincial cyber security legislation and regulations to ensure alignment and harmonization, and avoid overlap and duplication, wherever possible.
  • We will continue to engage with governments and industry throughout the legislative and regulatory process to ensure a fulsome approach to the implementation of the CCSPA, and one which will take into account shared responsibilities across jurisdictions in the energy sector.
24. What is the role of the Critical Cyber Systems Protection Act (CCSPA)?
  • The Critical Cyber Systems Protection Act (CCSPA) provides a cyber security framework to critical infrastructure under federal jurisdiction.
  • The CCSP would provide the Government of Canada with the authority to compel action to prevent compromise, or to minimize the impact of a compromise through the issuance of a cyber security direction (CSD). To Note: This authority is expected to be used only as a measure of last resort.
25. What obligations could be enforced on operators to protect critical cyber systems?
  • CCSPA could create enforceable obligations for operators to protect cyber systems that underpin vital services and systems, including to
    • Develop and implement a cyber security program (CSP) for their critical cyber systems within 90 days of being added to the schedule.
    • Take steps to mitigate cyber security risks associated with supply chain and third-party products and services, and
    • Report cyber security incidents to CSE and notify the appropriate regulator.
26. How would Bill C-27, The Digital Charter Implementation Act impact CSE?
  • Should Bill C-27 become law, private sector companies that the Cyber Centre engages with may be affected by new requirements and responsibilities with respect to consumer privacy protection and responsible artificial intelligence development.
  • However, CSE has been granted an exemption from this Bill. We continue to work with our government partners at ISED and Public Safety to ensure our cyber security interests are reflected in the draft legislation.

Cyber operations

27. Does CSE conduct foreign cyber operations?
  • CSE may use active and defensive cyber operations to defend Canada or take online action against foreign cyber threats.
  • This authority can also be used to defend systems designated by the Minister of National Defence as being of importance to the Government of Canada, such as:
    • Energy grids
    • Telecommunications networks
    • Healthcare databases
    • Banking systems
    • Elections infrastructure
  • Defensive and active cyber operations must be authorized by the Minister of National Defence. Cyber operations must not:
    • Target Canadians or anyone in Canada
    • Interfere with the course of justice
    • Interfere with the course of democracy
    • Cause death or bodily harm, either deliberately or by criminal negligence

Baseline Cyber Threat Assessment: Cybercrime

28. What is the Baseline Cyber Threat Assessment on Cybercrime?
  • This Baseline Cyber Threat Assessment report on Cybercrime builds on the assessments the Cyber Centre shared in the National Cyber Threat Assessment (NCTA) and is intended to inform cybersecurity professionals and the public about the threat to Canada and Canadians posed by global cybercrime.
  • The assessment covers cybercrime’s early history, the development of the most significant cybercrime TTPs, and the current nature of the global cybercrime threat and its implications for Canada.
  • The judgements in this assessment are based on the Canadian Centre for Cyber Security’s (Cyber Centre) knowledge and expertise in cyber security and further supported by input from the Royal Canadian Mounted Police (RCMP).
29. What were the key judgements from the assessment?
  • The assessment looks at the strategic threat to Canada posed by the global cybercrime market.
  • The key judgements of the assessment are:
    • Ransomware is almost certainly the most disruptive form of cybercrime facing Canada because it is pervasive and can have a serious impact on an organization’s ability to function.
    • CSE assess that organized cybercrime will very likely pose a threat to Canada’s national security and economic prosperity over the next two years.
    • Over the next two years, financially motivated cybercriminals will almost certainly continue to target high-value organizations in critical infrastructure sectors in Canada and around the world.
    • Russia and, to a lesser extent, Iran very likely act as cybercrime safe havens from which cybercriminals based within their borders can operate against Western targets.
    • We assess that Russian intelligence services and law enforcement almost certainly maintain relationships with cybercriminals and allow them to operate with near impunity.
How is CSE responding the threats outlined in the assessment?
  • This Baseline assessment is meant to give Canadians an accurate picture of the current threat of cybercrime in Canada. We all benefit greatly from living in one of the most Internet-connected nations in the world, and the risks identified in this report can be mitigated.
  • The Cyber Centre takes the threat of cybercrime to Canadians and Canadian organizations very seriously. We continue to publish alerts to warn about active campaigns, as well as reports and guidance to raise awareness.
    • In July 2023, the Cyber Centre published an alert about ALPHV/BlackCat ransomware targeting Canadian industries. The Cyber Centre has also published joint cyber security advisories warning Canadians about Truebot malware and LockBit ransomware.
  • The Cyber Centre also provides tailored advice and guidance products available on their website. If an organization believes they have been a victim of cybercrime or if they wish to receive additional supports to mitigate potential threats, they are invited to reach out to the Cyber Centre at any time – collaboration is key as we work to minimize the impacts of cybercrime in Canada.

Threats to critical infrastructure

31. How is CSE protecting our critical infrastructure?
32. How does CSE contribute to a secure Government of Canada cloud infrastructure?
  • As noted in our 2021-2022 Annual Report, CSE continues to act as a pathfinder for the Government of Canada in migrating to the cloud.
  • CSE was the first department to securely implement several commercial cloud applications, securing them with our cloud-based sensors and sharing the lessons learned with other departments.
  • Over the past few years, CSE has continued to shift workloads, services, tools, and applications to the cloud.
  • This shift allows CSE to deploy new cyber defence tools more quickly and allows our employees to work and collaborate more easily.
  • The Cyber Centre uses autonomous sensors to detect malicious cyber activity on government networks, systems, and cloud infrastructure. CSE uses three types of sensors:
    • network-based sensors
    • cloud-based sensors
    • host-based sensors
  • These sensors securely gather system data and feed it back to the Cyber Centre for analysis. Some critical infrastructure partners, including provinces and territories, also send us technical data from system security logs. This helps us protect them and improves our analytics for the Government of Canada and other partners.
33. Is CSE spying on Canadians’ information contained in the Cloud?
  • To be clear, CSE is not permitted to target Canadians or persons in Canada in our intelligence gathering.
  • CSE strives to be as transparent as possible so that Canadians can be confident that we respect the law and protect their privacy.
  • CSE and the Cyber Centre’s defensive tools are working continuously with strict privacy controls in place.
  • We work with our federal partners to ensure the appropriate safeguards have been applied to ensure security and privacy of their information that are hosted in the cloud.
34. Why is the Cloud infrastructure important for the Government of Canada?
  • Government of Canada organizations are increasingly leveraging cloud computing which has the potential to deliver agile, flexible, and cost-effective IT services.
35. To your knowledge, where do most of the cyber attacks or attempted attacks against Canada, originate from?
  • Cyber attacks can originate from anywhere in the world and wherever they’re originated from doesn’t necessarily represent where they are coming from.
  • In our National Cyber Threat Assessment, CSE identified that the state-sponsored programs of China, Russia, North Korea, and Iran pose the greatest strategic cyber threat to Canada.
  • Cybercrime is still the number one cyber threat activity affecting Canadians.

Foreign interference

36. Can you confirm there was foreign interference in the 2019 election?
  • We are aware of the persistent threat of foreign interference.
  • Throughout the federal election, the Security and Intelligence Threats to Elections (SITE) Task Force actively monitored the situation for signs of foreign interference.
  • A Panel of non-partisan senior civil servants administered the Critical Election Incident Public Protocol, which includes a mandate during the caretaker period to inform the public if an incident or series of events occurred that threatened Canada’s ability to hold a free and fair election
  • The Government of Canada did not detect foreign interference that threatened Canada’s ability to have a free and fair election, and that warranted public communication, as determined by the Panel under the Critical Election Incident Public Protocol.
  • In the lead up to Canada’s 2021 federal election, CSE had defensive cyber operations authorities in place to protect the electronic infrastructure used by Elections Canada.
  • Had there been malicious cyber activity targeting the election process, CSE would have been ready to act on it right away.
37. What threats are there to our elections from a foreign interference lens? What has CSE done to guard against this?
  • CSE has provided unclassified assessments of cyber threats to Canada’s democratic process in 2017, 2019, and 2021. Within each assessment, foreign interference is included as a key threat to Canada’s elections.
  • In the lead up to and during the 2019 and 2021 Federal Elections, CSE worked with partners at the Canadian Security Intelligence Service (CSIS), Global Affairs Canada (GAC), and the RCMP as the Security and Intelligence Threats to Elections Task Force (SITE).
  • CSE’s role in SITE was to monitor for foreign threats and interference with electoral processes in Canada.
  • If CSE were to become aware of a cyber threat, including those directed at a provincial electoral process, we would take appropriate action to address the threat.
38. Are you aware of foreign cyber threat activities targeting Canadian democratic institutions or processes?
  • In CSE’s most recent report on Cyber Threats to Canada’s Democratic Process, we have assessed that state-sponsored actors with ties to Russia and China are responsible for the majority of cyber threat activity against democratic processes worldwide.
  • For example, state-sponsored actors have promoted content and messaging related to QAnon for the purpose of reaching voters in the US.
  • These reports are intended to raise awareness and draw further attention to known state-sponsored cyber threat activity, including the tactics, techniques and procedures used to target Canada’s democratic processes.
39. Are Chinese or Russian state-sponsored actors attempting to disrupt Canadian democratic institutions or processes?
  • CSE has assessed that both China and Russia are responsible for the majority of cyber threat activity against democratic processes worldwide.
  • Since 2015, over 90 percent of the cyber threat activity against democratic processes we observed by Russia, China and others targeted states and regions of strategic significance to them.
  • State-sponsored actors such as these, have taken advantage of domestic groups and movements in other countries and used the messages and reach of these domestic groups to better influence voters.
  • Adopting cybersecurity best practices goes a long way to offsetting risks of exploitation by any cyber threat actor.
40. The National Cyber Threat Assessment points to state-sponsored activities of China and Russia, as well as a few other countries, specifically. What is CSE doing to protect Government of Canada networks from these threats?
  • CSE is the primary centralized voice and resource for senior leadership in Government on cyber security operational matters, including incident management, situational awareness, and technical advice and guidance.
  • CSE defends Government of Canada cyber systems and respond to significant cyber security threats and incidents to reduce and mitigate harm to the Federal Government.
  • CSE is a central resource for Government of Canada departments in support of their roles within their sectors.

Research institutions

41. How is CSE contributing to safeguard research?
  • Canada’s future prosperity depends on Canadian research and intellectual property. Both are frequent targets of cyber espionage. CSE helps protect Canada’s economic security by advising Canadian research organizations on how to protect their valuable information.
  • In July 2021, Innovation, Science and Economic Development Canada released new National Security Guidelines for Research Partnerships. These guidelines aim to safeguard Canadian scientific research from ending up in the hands of actors who pose a threat to Canada’s national security, such as foreign governments or militaries.
  • In July 2022, CSE and other national security partners began the national security risk review process under these guidelines.
42. Budget 2022 proposed new funding to enhance Canada’s cyber security capabilities through research investments. What research activities are conducted within CSE?
  • The Tutte Institute for Mathematics and Computing (TIMC) is a government research institute focused on fundamental mathematics and computer science. Its mission is to deliver research results with an impact on the most important scientific challenges facing the Canadian and Five Eyes security and intelligence communities.
  • The TIMC’s key research areas are cryptography and data science. It draws upon many mathematical and computational fields, including algebra, algebraic geometry, combinatorics, data science, topology, number theory, and quantum computing.
  • The Natural Sciences and Engineering Research Council of Canada (NSERC) and the Communications Security Establishment (CSE) recently announced a new partnership to fund research communities to conduct unclassified research on cutting-edge technologies in areas of strategic importance to CSE and the Government of Canada. The Research Communities grants focus on robust, secure, and safe artificial intelligence (AI).
43. What has CSE done specifically to reduce the risks that Canadian research and development efforts could be compromised, specific points about what CSE is doing with Canadian universities, government science and research labs, and the private sector?
  • CSE, in collaboration with CSIS, continues to engage with all these entities to provide broad and tailored unclassified threat briefings. CSE, through the Cyber Centre, has published practical steps organizations can proactively take to protect themselves. These publications are all available online. This is in addition to alerts and advisories published regularly to draw attention to security vulnerabilities or issues, such as the recent Cyber Alerts on state-sponsored actors and Russian intelligence malware.
  • Further, when CSE sees malign foreign cyber activities, the Cyber Centre works with its security and intelligence partners to alert the victims and assist with recovery.
  • In certain instance CSE will also work government partners and allies to publicly attribute malicious cyber threat activity.
  • More recently, CSE has been working with ISED to assess the cyber security posture for recipients of strategic innovation funds, but it is important to note that all of the advice and guidance is publicly available for all Canadian organizations.

Resource and funding

44. Does CSE need more resources?
  • CSE continues to use all the resources at its disposal to protect Canadians as the threats Canada faces continue to evolve. As the situation evolves, CSE will continue to assess its requirements.
45. Will the TBS-directed cuts will have any impact on CSE's operations?
  • There are no cuts to CSE's 2023-2024 operating budget. The reductions begin in 2024-2025 and ramp up to a permanent reduction of $20M by 2026-27.
  • CSE is currently examining the years ahead and is developing a strategy to meet the spending reductions outlined by TBS.
  • CSE is committed to meeting spending reductions while still delivering its mission. CSE is carefully analyzing the areas that could be reduced with the least operational impact.

Recruitment and retention

46. Is recruitment and retention still considered a challenge for CSE?
  • The Communications Security Establishment (CSE) is an employer of choice – we are fortunate that many talented people choose to work with us. Each year CSE receives on average, 10,000 to 15,000 applications from applicants with diverse skill sets and cultural backgrounds.
  • Over the past several years, CSE has experienced continued and sustained growth. Since 2019, our workforce has grown from approximately 2600 employees to 3,232 full-time employees as of March 31, 2023. We believe that this growth, combined with our comparatively low attrition rate reflects the positive work environment, employee development and support programs we have in place.
  • CSE has also been recognized as a Top Employer in 2020, 2021, 2022, and 2023, as well as one of Canada’s Top Employer for Youth for the past 7 years in a row.
  • No organization has a zero percent attrition rate, nor would they want it. We value the contribution of all employees; not matter how long they stay with us.
  • CSE employees are amongst the smartest and most talented people in their fields. Their unique skillsets are in high demand it is not surprising that there are opportunities for them outside of CSE.
 

Supplementary Estimates (B) overview

Speaking notes

  • The Communications Security Establishment (CSE) is one of Canada’s key security and intelligence agencies and the lead federal technical authority for cyber security.
  • The CSE provides valuable foreign intelligence to inform the Government of Canada’s decision making and protect national security.
  • Its sophisticated cyber and technical expertise also helps identify, prepare for, and defend against threats to Canada and its cyber systems and networks.
  • While conducting these activities, CSE respects the highest standards of lawfulness, ethics, values, and the protection of the privacy of Canadians.
  • CSE’s 2023-24 Supplementary Estimates (B) (SEB) include a net funding increase totaling $15.2M including Employee Benefit Plan (EBP) costs.
    • Funding of $17.4M relating to four Treasury Board (TB) Submissions.
    • A net funding decrease of ($2.2M) resulting from seven Interdepartmental transfers.
  • With the approval of SEB, CSE’s 2023-24 budgetary authorities will total $1,000.1M, including EBP costs.

Details

Line items included in CSE's 2023-24 SEB
  • Funding for the ongoing operation of the Canadian Centre for Cyber Security.
  • Funding for the Interim Quantum Safe Capability project.
  • Funding for government advertising programs.
  • Funding for enhancing national security through an academic research initiative.
  • Interdepartmental Transfers:
    • From Shared Services Canada to CSE
    • From Department of Finance to CSE
    • From CSE to Treasury Board Secretariat (2 Transfers)
    • From CSE to Canadian Security Intelligence Service
    • From CSE to Department of Foreign Affairs, Trade and Development (2 transfers)

Details: Funding included in CSE's 2023-24 SEB

Funding for the ongoing operation of teh Canadian Centre for Cyber Security: $13.0M ($10.8M plus $2.2M EBP)

CSE will utilize this funding for personnel funding. The operating funding was already included in CSE’s reference levels as a frozen allotment, [redacted].

Funding for the Interim Quantum Safe Capability Project: $1.6M

Reprofiled from a prior year frozen allotment requested at the 2021-22 fiscal year-end. This project will ensure that the confidentiality of the Government of Canada's classified cryptographic devices is protected.

Funding for government advertising programs: $1.5M

Horizontal item involving various departments, CSE will use these funds to combat online disinformation.

Funding for national security through an academic research initiative: $1.2M plus $0.2 EBP

Budget 2022 identified funding to enhance national security through a classified and unclassified research initiative.

Transfer from Shared Services Canada (SSC) to CSE: $1.8M

This funding will be used for CSE’s cyber security contributions to support the Secure Communications for National Leadership program.

Transfer from Department of Finance to CSE: $0.1M

This funding is to support ongoing risk mitigation and monitoring under the Retail Payment Activities Act (RPAA).

Transfer from CSE to Treasury Board Secretariat (TBS): $25.0K

This funding includes:

  • $15.0K to support the Capacity Accelerator Project at the Office of the Comptroller General; and
  • $10.0K for financial community developmental programs and initiatives.
Transfer from CSE to Canadian Security Intelligence Service (CSIS): $0.3M

This funding will be utilized to support the Integrated Terrorism Assessment Centre (ITAC). ITAC is a federal organization responsible for assessing terrorism threats to Canada and Canadian interests worldwide. Its products support the decision-making needs of senior federal leaders.

Transfer from CSE to Department of Foreign Affairs, Trade and Development (GAC): $3.9M

This funding includes:

  • $2.7M in support of cyber security services; and
  • $1.2M for fees for GAC to administer CSE personnel overseas.

GAC is a common service provider for Government of Canada operations abroad and receives compensation for the increased cost of operations resulting from staff being posted at Canadian missions and liaison offices by other government departments.

 

Issue notes

Top cybersecurity points

  • Cyber security is a foundation for Canada’s future, for our digital economy, our personal safety, and national prosperity and competitiveness.
  • Every day, the Communications Security Establishment (CSE) uses its sophisticated cyber and technical expertise to help monitor, detect, and investigate threats against Canada’s information systems and networks, and to take active measures to address them.
  • CSE’s Canadian Centre for Cyber Security (Cyber Centre) uses sensors to detect malicious cyber activity on government networks, systems and cloud infrastructure; and networks, systems and electronic infrastructures of importance to the Government of Canada.
  • This year, CSE’s automated defences protected the Government of Canada from 2.3 trillion malicious actions, an average of 6.3 billion a day.
  • It is critical that Canada has strong cyber defence capabilities as recent geopolitical events and incidents of cybercrime have elevated the potential risk of cyber threats, this was outlined in the 2023-2024 National Cyber Threat Assessment (NCTA).
  • CSE continues to publish advice and guidance to help organizations be less vulnerable and more secure. It works with industry partners, including government and non-government partners, to share threat information and cyber security best practices.
  • Cyber security matters to all of us, and the federal government works together with other jurisdictions, organizations, as well as critical infrastructure network defenders to raise Canada’s cyber security bar.
  • If Canadian companies have been impacted by cyber threats, they are urged to contact the Cyber Centre toll free at 1-833-CYBER-88, by email contact@cyber.gc.ca or visit https://www.cyber.gc.ca/en/incident-management.

Background

  • CSE utilizes its mandate to reduce the impact of cybercrime on Canadian businesses, organizations, and individuals.
  • Ongoing efforts include:
    • collecting intelligence on cybercrime groups
    • enhancing cyber defences to protect critical systems against cybercrime threats
    • advising Canadian critical infrastructure providers on how to protect themselves against cybercrime; and
    • using active cyber operations capabilities (ACO) to disrupt the activities of cybercrime groups.
  • In addition, working with Canadian and allied partners, CSE has conducted ACO to reduce the ability of cybercrime groups to:
    • target Canadians, Canadian businesses and institutions
    • launch ransomware attacks
    • solicit, buy and sell cybercrime goods and services
  • These operations imposed costs on cybercrime groups by making their activities more difficult and less profitable. The aim is to deter future cybercrime attempts on Canadian targets.

Protecting Canada's telecommunications system

  • The Government of Canada conducted an extensive examination of 5G wireless technology and the various technical, economic, and national security aspects of 5G implementation.
  • As a result of this examination, Bill C-26, An Act Respecting Cyber Security (ARCS) was introduced in June 2022 to further strengthen our telecommunications system and protect our national security.
  • This legislation will amend the Telecommunications Act to allow the Government to take action to prohibit the use of equipment or services from low confidence suppliers.
  • In addition, the Communications Security Establishment’s (CSE) Security Review Program (SRP), which has a proven track-record of protecting Canada’s 3G/4G/LTE networks, will evolve to consider the security of Canada’s telecommunications system more broadly.
  • Under the new Telecoms Cyber Resilience Program, CSE continues to work with Canadian telecommunications service providers (TSPs) to help them mitigate cyber security and supply chain risks.
  • Together, these efforts are part of a robust strategy to defend the critical digital infrastructure upon which Canadians rely.

Growth, recruitment, and retention at CSE

  • Over the years, CSE has experienced continued and sustained growth that has enabled the agency to adapt and address the growing cybersecurity landscape.
  • No other governmental agency within Canada is undertaking the crucial cyber security work done at CSE. In fact, only a few other jurisdictions around the world have similar operations thereby positioning Canada’s cryptological agency at the forefront of cyber operations and defence.
  • Recruiting skilled employees in the high-tech field remains challenging and highly competitive. At CSE, the same is true due to the specific technical competencies required for many positions within the organization.
  • Despite the highly competitive nature of recruitment, CSE has been recognized as a Top Employer in 2020, 2021, and 2022, as well as one of Canada’s Top Employers for Youth for the past six years in a row.
  • CSE and the Canadian Centre for Cyber Security are hiring for a variety of positions including foreign language intelligence analysts, engineers, mathematicians, computer science specialists and cyber security professionals.
  • CSE also received significant recognition through Budget 2022 in which proposed $875.2 million over five years for CSE, beginning in 2022-23, for additional measures to address the rapidly evolving cyber threat landscape.

Background

Quick facts
  • At CSE there is a 2% retirement and 2% resignation rate for a total of 4% attrition per year.
  • CSE has a relatively low attrition rate which reflects its investment in creating a healthy work environment, encouraging employee professional development, embracing diversity and inclusion as mission imperatives, and having excellent counselling and employee support programs in place.
Equity, Diversity and Inclusion
  • As a security and intelligence organization, promoting diversity at CSE allows the workplace to integrate broad perspectives, experiences, and worldviews into its operations. As a result, individuals can pursue CSE’s mission in a nurturing and welcoming environment.
  • Working with equity-deserving groups both inside and outside of CSE on the promotion of equity, diversity and inclusion will enable CSE to evolve its processes, operations and policies in a manner that serves all Canadians effectively.
  • In effort of working towards reconciliation, CSE continues to participate in the Government of Canada’s IT Apprenticeship Program for Indigenous Peoples, a program that matches First Nations, Inuit and Métis candidates to help them build the skills they need for an IT career in the federal public service.

Cyber capabilities

  • Potential adversaries are leveraging and developing cyber capabilities in order to exploit vulnerabilities in our cyber systems.
  • The CSE Act allows the Communications Security Establishment (CSE) to carry out activities on or through the global information infrastructure to degrade, disrupt, influence, respond to, or interfere with the capabilities, intentions or activities of a foreign individual, state, organization or terrorist group as they relate to international affairs, defence or security.
  • CSE employs sophisticated cyber tools and technical expertise to help identify, prepare for, and defend against cyber threats, as well as to impose costs on malign actors that seek to harm Canada’s information systems, networks, businesses, and institutions.
  • CSE’s Canadian Centre for Cyber Security (the Cyber Centre) is Canada’s authority on cyber security. As a unified source of expert advice and guidance, CSE’s Cyber Centre leads the Government’s operational response to cyber incidents. The Cyber Centre also collaborates with the rest of government, the private sector and academia to strengthen Canada’s cyber resilience.
  • Cyber operations capabilities are also a key element of military and state power, needed to deter and defeat external threats to Canada in times of peace and conflict.
  • CSE and the Canadian Armed Forces (CAF) continue to work with domestic and international partners to support and build a stable cyberspace built on the respect for international law and the norms of responsible state behaviour in cyberspace.
  • The CAF contributes to international peace and security through cyber threat intelligence sharing with Allies and partners, and through the conduct of full spectrum cyber operations as authorized by the Government of Canada.
  • Specifically, the CAF relies on the force multiplier effects of technology enabled communications, intelligence, and weapon systems, all of which must be secured and defended from cyber threats.

Quick facts

The CSE Act sets out five aspects of CSE’s mandate, which contributes to the lines of operations above. This includes:

  • Cybersecurity and information assurance
  • Foreign intelligence
  • Defensive cyber operations
  • Active cyber operations; and
  • Technical and operational assistance

CSE may use defensive cyber operations to defend Canada against foreign cyber threats by taking online action. For example, CSE could prevent cyber criminals from stealing information from a Government of Canada network by disabling their foreign server. This authority can also be used to defend systems designated by the Minister of National Defence as being of importance to the Government of Canada, such as energy grids, telecommunications networks, healthcare databases, banking systems, and elections infrastructure.

Active cyber operations allow CSE to take online action to disrupt the capabilities of foreign threats to Canada, such as: foreign terrorist groups, foreign cyber criminals, hostile intelligence agencies, and state-sponsored hackers. Threats that CSE disrupts must relate to international affairs, defence or security.

CSE, supported by Global Affairs Canada and the CAF, has a proven track record that respects and reinforces Canada’s statement on international law and cyber norms.

CSE’s Canadian Centre for Cyber Security (the Cyber Centre) reminds the Canadian cybersecurity community, especially infrastructure network defenders, to be vigilant against sophisticated cyber threats.

Canadian Armed Forces cyber capabilities:
  • Defensive cyber operations are employed to respond and/or counter a threat by an adversary in cyberspace, whereas offensive cyber operations are conducted to project power in, or through, cyberspace to achieve effects in support of military objectives.
  • CSE and the CAF continue to develop and scale offensive and defensive cyber operations capabilities. This partnership enables Cyber operations and provides the Government of Canada flexibility in achieving strategic objectives.
  • The Canadian Armed Forces holds the responsibility of safeguarding its military networks on a continuous basis, and actively cooperates with CSE and international partners to help protect joint critical networks among Allies and within NATO.

Background

CSE and its Canadian Centre for Cyber Security
  • Cyber security is a foundation for Canada’s future, for our digital economy, our personal safety, and national prosperity and competitiveness.
  • Every day, the Communications Security Establishment (CSE) uses its sophisticated cyber and technical expertise to help monitor, detect, and investigate threats against Canada’s information systems and networks, and to take active measures to address them.
  • Recent geopolitical events have elevated the potential risk of cyber threats, as outlined in the 2023-2024 National Cyber Threat Assessment.
  • CSE continues to publish advice and guidance to help organizations be less vulnerable and more secure. It works with industry partners, including government and non-government partners, to share threat information and cyber security best practices.
  • Cyber security is a whole-of-society concern, and the federal government works together with other jurisdictions, organizations, as well as critical infrastructure network defenders to raise Canada’s cyber security bar.
  • If Canadian companies have been impacted by cyber threats, they are urged to contact the Cyber Centre toll free at 1-833-CYBER-88, by email contact@cyber.gc.ca or visit https://www.cyber.gc.ca/en/incident-management
Canadian Armed Forces and the Communications Security Establishment Cooperation:
  • The Canadian Armed Forces and CSE have a long history of partnership in the development of highly technical and specialized capabilities that support Canadian Armed Forces operations.
  • These activities are subject to CSE’s rigorous system of internal policies and procedures as well as independent oversight and review.
  • Cooperation between the Canadian Armed Forces and CSE ensures the best use of tools and capabilities, reduces unnecessary duplication of efforts, leverages each other’s authorities, and improves the chances of meeting mission objectives.
Authorizations and safeguards:
  • Cyber operations undertaken in support of government objectives will be pursuant to the CSE Act, and the Crown Prerogative and the National Defence Act, and will be consistent with Canada’s international legal obligations.
  • CSE is prohibited by law from targeting the private information of Canadians or any person in Canada and must not infringe the Canadian Charter of Rights and Freedoms.
  • Cyber operations conducted under CSE authorities require the Minister of National Defence to issue a Ministerial Authorization, which requires either consultation with the Minister of Foreign Affairs (for defensive cyber operations) or at the request of or with the consent of the Minister of Foreign Affairs (for active cyber operations).
  • In conducting cyber operations, Canada recognizes the importance of adhering to international law and agreed norms of responsible state behaviour in cyberspace. Canada’s authorities and governance framework to conduct cyber operations is supported by a strong independent review process, as well as internal oversight for operational compliance.
  • Foreign cyber operations are further subject to proven checks and balances such as rules of engagement, targeting and collateral damage assessments.
Offensive Cyber Operations:
  • SSE committed the Canadian Armed Forces to assuming a more assertive posture in the cyber domain by hardening its defences, and by conducting offensive cyber operations against potential adversaries as part of government-authorized military missions.
  • The CSE Act allows CSE to carry out activities on or through the global information infrastructure to degrade, disrupt, influence, respond to, or interfere with the capabilities, intentions or activities of a foreign individual, state, organization or terrorist group as they relate to international affairs, defence or security.
Canadian Armed Forces Cyber Operator:
  • SSE directed the creation of the Canadian Armed Forces Cyber Operator occupation. This trade includes both Reserve and Regular Force members who conduct both defensive and offensive cyber operations with the goal of supporting operational objectives and delivering tactical effects.
Cyber Mission Assurance Program:
  • Strong, Secure, Engaged (SSE) directed the creation of the Cyber Mission Assurance Program. It is part of the cyber capability to protect critical military networks and equipment from cyber threats. Platforms like aircraft, ships, and vehicles are becoming increasingly dependent on cyberspace. The Cyber Mission Assurance Program ensures that cyber resilience is a primary consideration when new equipment is procured.
  • Cyber threats pose unique challenges in projecting and sustaining military power. The changing global environment and the increasing dependence on cyberspace technologies demands a significant change in our culture. The introduction of cyber-resiliency mindset in all our activities is required for the CAF to maintain its competitive advantage. The Cyber Mission Assurance Program focuses on managing the risks associated with cyber threats, to improve resilience, and increase the probability of mission success.

Ransomware

  • Ransomware poses a threat to Canada’s national security and economic prosperity.
  • Threat actors will typically compromise a victim, encrypt their data, and demand ransom to provide a decryption key.
  • Data stolen during a ransomware attack almost certainly enables further cyber threat activity from a range of actors. Threat actors can also leverage sensitive business information to support commercial espionage.
  • Ransomware can incur significant costs, disrupt the operation of important systems, damage or destroy an organization’s data, and reveal sensitive information.
  • A ransomware attack can prevent access to essential services and in some cases, threaten Canadians’ physical safety and wellbeing.
  • The Government of Canada is working to reduce the threat of ransomware by targeting and disrupting cybercriminals, coordinating strategies with international allies and by issuing advice, guidance, and services for those affected by ransomware.
  • In 2021, CSE shared a ransomware playbook for incident prevention and recovery, and an updated cyber threat bulletin. CSE also published, the 2023-2024 National Cyber Threat Assessment (NCTA) which highlights the cyber threats faced by individuals and organizations in Canada, including ransomware.
  • Although it remains a business decision, organizations should be aware that paying a ransom funds criminal enterprises. It also enables further malicious cyber activity and ultimately there is no guarantee that cybercriminals will return stolen information.

If pressed on any specific ransomware group and/or activities:

  • CSE does not comment on specific cyber security incidents; however, they continue to provide advice and guidance to Canadians and Canadian organizations, if and when requested.
  • CSE’s Canadian Centre for Cyber Security continues to monitor new forms of ransomware and vulnerabilities, and shares tips and threat information with partners across Canada to help mitigate risks.
  • I encourage all victims to report cybercrime activities to local law enforcement and the RCMP. I would also encourage victims to report a cyber incident to CSE’s Canadian Centre for Cyber Security (Cyber Centre) so that they can help share threat-related information with partners to help keep Canada and Canadians safe online.

Quick facts

  • Malicious cyber activity poses an ongoing threat to Canada’s federal institutions and critical infrastructure. This includes criminal activity such as ransomware attacks, and state-sponsored activity for strategic gain. The Cyber Centre’s automated defences protect the Government of Canada from over 6 billion malicious actions a day. These include attempts to map systems and networks, to extract information or to deploy malware.
  • As outlined in the 2023-24 NCTA, Cybercrime is the cyber threat Canadians are most likely to face.

Background

  • Cybercrime is big business for cybercriminal organizations and has major impacts on Canada’s economic security.
  • In the Cyber Centre’s National Cyber Threat Assessment (NCTA) 2023-24 unclassified threat report, they outlined how cybercrime continues to be cyber threat activity most likely to affect Canadians and Canadian organizations.
  • CSE and the Cyber Centre uses the breadth of its mandate to reduce the impact of cybercrime on Canadian businesses, organizations and individuals. Ongoing efforts include:
    • collecting intelligence on cybercrime groups
    • enhancing cyber defences to protect critical systems against cybercrime threats
    • advising Canadian critical infrastructure providers on how to protect themselves against cybercrime; and
    • using our active cyber operations capabilities (ACO) to disrupt the activities of cybercrime groups
  • For example, under these authorities, CSE has launched an enduring campaign to disrupt foreign cybercriminals who threaten Canadian and allied systems with ransomware attacks. These systems include health care providers and other critical infrastructure owners.
  • Under this campaign, CSE has executed dozens of operations that have disrupted the foreign infrastructure used by these groups. These operations have allowed the Cyber Centre and other cyber defenders to work with these system owners to prevent them from becoming victims of ransomware attacks.
  • In addition, working with Canadian and allied partners, CSE has conducted ACO to reduce the ability of cybercrime groups to:
    • target Canadians, Canadian businesses and institutions
    • launch ransomware attacks; and
    • solicit, buy and sell cybercrime goods and services including:
      • Canadian personal information
      • Canadian proprietary information
      • malware
  • These operations imposed costs on cybercrime groups by making their activities more difficult and less profitable. The aim is to deter future cybercrime attempts on Canadian targets.

Foreign interference and the democratic process

  • The Government of Canada takes seriously its responsibility to protect Canadians from foreign interference, regardless of the source.
  • In the lead up to and during the 2021 Federal Election, the Communications Security Establishment (CSE), the Canadian Security Intelligence Service (CSIS), Global Affairs Canada (GAC), and the Royal Canadian Mounted Police (RCMP) worked together closely as part of the Security and Intelligence Threats to Elections Task Force (SITE).
  • CSE’s Cyber Centre also worked with Elections Canada to help secure election systems and infrastructure.
  • Our security and intelligence agencies coordinated integrated government efforts by raising awareness, monitoring, and reporting on threats, and providing advice to protect our democracy.
  • CSE’s 2023-24 National Cyber Threat Assessment (NCTA) highlights how online foreign influence activities have become a new normal with adversaries seeking to influence elections and impact international discourse related to current events.
  • SITE Task Force partners will continue to work within their respective mandates to detect and counter possible foreign threats to Canada and its democratic institutions.
  • While Canada’s democratic institutions and processes are strong and resilient, CSE continues to actively work to ensures their continued protection.

Background

Reviews of foreign interference
  • In March 2023, the Prime Minister announced measures to strengthen trust in Canada’s democracy.
  • This included requesting NSICOP and NSIRA to review the impact of foreign interference in the 2019 and 2021 federal elections, and how Canada’s national security agencies handled the threat. NSIRA and NSICOP launched their reviews in March, with CSE receiving the first requests for information in April.
  • The Prime Minister appointed an Independent Special Rapporteur (ISR) on Foreign Interference who published the first report and interim recommendations on May 23, 2023.
  • The report:
    • Reaffirmed that the 2019 and 2021 federal elections were free and fair.
    • Acknowledges that foreign interference is a serious threat and makes recommendations to detect, deter, and counter it.
    • Found that there are shortcomings in the way intelligence is communicated and processed from security agencies through to government.
    • Concluded that a further public process is required to address issues relating to foreign interference, but there should not and need not be a separate Public Inquiry.
  • CSE welcomes these external reviews into foreign interference in Canada’s elections and will continue to support them and Parliament moving forward.

Accountability, review and oversight of CSE activities

  • The Communications Security Establishment (CSE) operates within strict internal and external mechanisms to ensure its activities comply with the law and protect the privacy of Canadians and people in Canada.
  • CSE is committed to being as open and transparent as possible, while still protecting classified matters of national security.
  • CSE and its Canadian Centre for Cyber Security (Cyber Centre) publish numerous publications on their websites to enhance transparency and share information with Canadians.
  • Some of those key publications include CSE's Annual Report, the National Cyber Threat Assessment (NCTA), Threats to Democratic Institutions Report (TDP), as well as various cyber threat alerts.
  • In addition, in 2019, the government enhanced the review and oversight of CSE, as well as the broader security and intelligence community, following the Royal Assent of Bill C-59, The National Security Act.
  • CSE is subject to ongoing review by two independent external review bodies:
  • the National Security and Intelligence Review Agency (NSIRA); and
  • the National Security and Intelligence Committee of Parliamentarians (NSICOP).
  • Based on their distinct mandates, both NSIRA and NSICOP are responsible for reviewing Government of Canada national security and intelligence activities. Whereas NSIRA consists of Governor-in-Council appointees, NSICOP consists of members of Parliament and Senate.
  • Together the two organizations help ensure CSE and other members of the security and intelligence community are held accountable for their national security and intelligence activities.
  • Through the publication of reports, NSIRA and NSICOP also increase transparency for Canadians on the activities of the security and intelligence community.
  • To support their reviews, CSE provides both NSICOP and NSIRA with extensive access to information, documents, records, and subject matter experts.
  • In addition to NSIRA and NSICOP, the Intelligence Commissioner (IC) provides oversight by approving authorizations for certain CSE and CSIS activities prior to their execution.
  • Similar to review bodies, the Intelligence Commissioner prepares annual public reports that allows Canadians to have a better understanding of the activities CSE and CSIS undertake.
  • CSE values independent, external review and oversight of their activities, and remains committed to a positive and ongoing dialogue with these important institutions.

Background

Quick facts
  • This year, CSE’s internal compliance team conducted:
    • annual compliance knowledge accreditation
    • compliance incident handling
    • systematic operational monitoring
    • compliance outreach and education
    • annual compliance training
    • knowledge testing
    • routine monitoring
    • engagement initiatives
  • CSE submitted a total of 6 Ministerial Authorizations to the IC in FY 2022-23:
    • 3 Foreign Intelligence Authorizations
    • 3 Cybersecurity Authorizations
  • The IC fully approved 4 of the 5 Authorizations. The IC partially approved 1 Cybersecurity Authorization. In this case, the Intelligence Commissioner approved the authorization with the exception of one activity, concluding that there was not enough information to establish whether the activity was covered by the CSE Act.
  • CSE External Review bodies statistics in FY 2022-23:
    • CSE contributed to 22 external reviews:
    • 17 by NSIRA
    • 4 by NSICOP
    • 1 by the Independent Special Rapporteur
    • CSE held 52 briefings, meetings or interviews with review staff
    • CSE responded to 502 questions from our review bodies
  • CSE answered 89% of questions submitted by NSICOP and NSIRA by the requested due date.
  • This year, CSE’s transparency activities included:

Emerging technology

  • CSE is a thought leader and pathfinder in emerging digital and cyber technologies and our expertise is leveraged to inform Government policies on emerging technologies.
  • CSE’s Research Directorate includes teams of researchers in the fields of cryptography, cyber security, vulnerability research, high-performance computing, data science and artificial intelligence. Some examples of these emerging technologies include:
    • AI which is used today to perform specific tasks, such as to use facial recognition to access your mobile device or ask your smart speaker for the weather forecast.
    • Quantum computing which is intended to overcome the physical limitations of conventional computing through the application of quantum physics. Quantum computers powerful enough to threaten the security of modern cryptographic methods could be available as early as the 2030s.
  • These technologies are in varying states of development and realization, they all have implications for Canada’s economic prosperity, national security, and the individual safety and privacy of Canadians.
  • While the capabilities of emerging technologies present great opportunities, they can also be maliciously deployed by sophisticated threat actors.
 

Background material

Committee Membership and Profiles

 
Portrait - John Mckay
CSE-related interests
  • Former Parliamentary Secretary to the Minister of National Defence
  • Has demonstrated an interest in cyber and cognitive warfare in relations to the Indo-Pacific Strategy (September 2023)
  • Demonstrated concern of Russia’s actions in Ukraine and multiple cyber-attacks on Canada (January 2022) and an interest to discuss Arctic security (November 2022).
  • One of the few Government-side MPs who voted in favour of the CPC’s Opposition Motion in November 2020, which called on the Government to make a decision on the Huawei Ban.
  • During SECU’s study of Bill C-59 asked what contributions the Bill would make to address cyber threats to private infrastructure (2018).
  • McKay expressed concern surrounding the lack of clarity for reporting cyber incidents for Canadians during the Public Safety Committee (December 2020).
 
 
Portrait - James Bezan
CSE-related interests
  • Interest in China, Russia, and defending the Arctic territory (2022)
  • Concerned with Canadian data and information and protecting citizen’s Charter rights, particularly from Pegasus software system during discussions of Bill C-27 (November 2022): “There are times we have to use it in the collection of data. […] We know that to use that type of technology, to protect the rights of Canadians, there should be a warrant issued to ensure there is judicial oversight, even if it is being used by the Department of National Defence and CSE, we have to make sure it is not being used against Canadians and only deals with those national threats they refer to as threats that are foreign entities. That is something that Bill C-27 fails to recognize.”
 
 
Portrait - Christine Normandin
CSE-related interests
  • Canada-China Relations Committee (May 2021): Concerned over Canada’s “laxed” stance on Huawei in comparison to the other Five Eyes partners.
  • Business of Supply- Government Orders (February 2021): Concern of China’s mass surveillance regime and the surveillance capacities of Huawei.
  • NDDN (March 2022): Questioned if CSE’s and CSIS’ work happens in isolation and to promote communication between the two organizations, if they should “co‑operate more closely with FINTRAC to follow the money when it comes to the use of cryptocurrency by terrorist groups?”.
  • Questioned if CSE explored working with private sector to “fill gaps in internal capacity and thus meet operational requirements” and develop cyber capacity (March 2022).
 
 

Members

Portrait - Darren Fisher
CSE-related interests
  • Concerned with Russia, China and Arctic Security (November 2022): “Given the evolving relationship between Russia and China right now, how do you think they would co-operate or conflict on matters relating to the Arctic?”
  • NDDN Committee, Briefing by the Commissioner of CSE (March 2017): Concern over other Five Eyes partners not keeping their promise to protect Canadian data and spy on each other’s citizens.
  • Interested in national defence and Canada’s Involvement in NATO (January 2018): Concern over if Canadian and NATO infrastructure is safe from data breaches and if there is a quick response to new cyber threats.
 
 
Portrait - Cheryl Gallant
CSE-related interests
  • “E-security” is a popular topic for Gallant (March 2022): “CSE judges that cyber-threat actors will very unlikely seek to intentionally seek to disrupt Canadian critical infrastructure and cause major damage or loss of life. That being said, how vulnerable are we with the Internet of things, given that something as simple as your refrigerator is sending off pings? There seem to be so many vulnerabilities and it is the least protected throughway that is going to be attacked, so how can they be so confident, do you think, that it will be unlikely to be disrupted?”
  • Issues of greatest interest in this area include: Cybersecurity of the electricity grid; NATO and NORAD and cybersecurity, including IoT and AI; recruiting cybersecurity experts into the military; the Telecommunications Act, how CSE works with the private sector; information sharing in the Five Eyes; Russian cyberattacks against Georgia; and Op IMPACT.
  • Questioned if Canada was sharing intelligence directly with Ukraine from CSE in March 2022.
 
 
Portrait - Pat Kelly
CSE-related interests
  • Interested in national defence and security, with many questions related to Arctic security, protecting Arctic waters and China's capability to threaten Canadian Arctic sovereignty in November 2022.
  • Questioned Jody Thomas during her appearance in December 2022 regarding foreign interference in Canadian elections.
  • Has had no questions directed at CSE and mention of the organization.
 
 
Portrait - Shelby Kramp-Neuman
CSE-related interests
  • Interested in Canada’s role in NATO, Arctic security, national defence, Canada’s military and its capacity to respond to threats: “Can you speak to the impact on our ability to protect and strengthen our north and give it the attention it needs as a region of growing competition between Canada, Russia and China?” (November 2022).
  • Has had no questions directed at CSE and mention of the organization.
 
Portrait - Emmanuella Lambropoulos
CSE-related interests
  • Interested in Russia and China’s foreign interference, the rise of cyber-threats and Arctic security.
  • Questioned Canada’s position in defending itself and the Arctic in NDDN (December 2022): “[…] What are some of the ways that our adversaries' [Russia and China] cyber-abilities influence the way we prepare ourselves? In what ways have we made investments in technologies that would counter these kinds of cyber-abilities?”.
  • Questioned Chief Shelly Bruce about cyber-threats during her appearance in February 2022: “I know that Minister Anand has in her mandate letter several references to cybersecurity. We heard from CSE and CSIS at our last meeting that these threats have been increasing steadily for the last while, mainly by China and Russia, along with others. What kind of plans do you have going forward in order to make sure we accomplish this part of the mandate?” and “In your opinion, what would CSE need in order to help it fulfill its mandate?”
 
Portrait - Lindsay Mathyssen
CSE-related interests
  • Interested in assessing the capacity to tackle cyber-threats and issue of unfilled cyber-related positions in NDDN (March 2022).
  • Questioned the reality of Russia and China posing as “potential threat” for Canada and Artic Soil during Jody Thomas’ appearance (December 2022).
 
Portrait - Andy Fillmore
CSE-related interests
  • On a number of occasions in Parliament, Fillmore has mentioned CSE’s role in securing Canadian elections: “…which is why we engaged the Communications Security Establishment to conduct the first-ever threat assessment of Canadian democratic processes…” (March 2018) “the minister has asked the Communications Security Establishment to analyze proactively the risks to our electoral system and to release a public report. Further, we will ask the CSE officer for advice for political parties on cybersecurity best practices.” (March 2017)
  • Fillmore was also the member to table the first Cyber Threats To Canada's Democratic Process report in 2017
  • Discussed Russia/Ukraine war and implications for oil and gas prices in the House: “what is unfolding a world away with Russia's brutal, illegal, unprovoked and unjustified war with Ukraine … is being funded by the very resource that we are discussing today” (May 2022)
  • Discussed economic security in the context of PRC foreign influence at Industry Committee
 
 
Portrait - Marie-France Lalonde
CSE-related interests
  • Has spoken about PRC intimidation activities in Canada, noting that “We recognize that individuals in Canada subjected to intimidation, harassment or manipulation by foreign states or their proxies suffer the effect of foreign interference directly. These activities are a threat to Canada's sovereignty and to the safety of our communities and individuals in Canada.” (June 2023)
  • She discussed foreign interference in the House: “We are very committed to combatting foreign interference by protecting the Canadians and communities targeted by foreign state actors, safeguarding our democratic institutions and promoting economic security.” (June 2023)
  • She also has mentioned Afghanistan and expressed her support for Afghan refugees, noting at CIMM that her riding has strong historical ties to the country (March 2023)
 
 
Portrait - Chad Collins
CSE-related interests
  • Discussed LPC’s support for Ukrainian refugees in the House (March 2023)
  • Expressed disdain for foreign interference as a political theme, referring to it as a “one-trick pony political debate” in June 2023 at SRSR.
  • Also at SRSR, Collins noted that he would prefer a broad study in relation to research security, as opposed to limiting the scope of a study to specific companies (in this particular situation, Huawei): “I would say that we can expand that language if you have other suggestions to provide that build upon that theme of foreign interference, or whatever you want to call it. I think we need to be a little bit more inclusive rather than exclusive. (June 2023)
 

Committee backgrounder

44th Parliament, 1st Session

Under its mandate, the Committee:

  • Studies the legislation, activities and expenditures of the Department of National Defence (DND) and the Canadian Armed Forces (CAF).
  • Examines the domestic, continental and international security environment; and
  • Monitors the performance and policies of other federal entities that operate within the National Defence portfolio such as The Communications Security Establishment (CSE).

Recent appearances

  • Sept 28, 2023: CSE appeared alongside the Minister of National Defence for a briefing on the Mandate and Priorities of the Minister of National Defence
  • May 2, 2023: CSE appeared alongside the Minister of National Defence and other senior officials to discuss Main Estimates 2023-2024.
  • February 7, 2023: CSE appeared to discuss Cybersecurity and Cyberwarfare.
  • February 9, 2022: CSE appeared alongside the Minister of National Defence and other senior officials to discuss the Minister’s mandate letter and priorities.
  • February 7, 2022: CSE appeared alongside the Minister of National Defence, and the Director of CSIS, as well as other senior officials to brief NDDN members’ situational awareness of the threats they themselves face from foreign interference, as well as a discussion of the threats Canada faces from foreign interference.

Key studies

  • Notable activities/meetings:
    • September 2023: Briefing on the Indo-Pacific Region
    • September 2023: Briefing on the War in Ukraine
    • February and March 2023: Briefing on the Surveillance Balloon from the People's Republic of China
    • December 2022: Briefing on the 6th Report of the Auditor General, Arctic Water Surveillance
    • February 2022: Briefing on Canada, NATO and the Current Situation in Ukraine
    • February 2022: Briefing by CSIS and the CSE
  • Studies in recent years:
    • December 2018: Russian Aggression Against Ukraine, Moldova and Georgia in the Black Sea Region; Threat Analysis Affecting Canada and the Canadian Armed Forces’ Operational Readiness to Meet Those Threats; Addressing Sexual Misconduct in the Canadian Armed Forces; Impacts of the COVID-19 Pandemic on Canadian Armed Forces Operations
    • June 2019: Improving Diversity and Inclusion in the Canadian Armed Forces
    • May 2019: Canada’s Contributions to International Peacekeeping
    • October 2022: Arctic Security
    • November 2022: Reports that Former Royal Canadian Air Force Pilots have Undertaken Employment to Train Members of the People's Liberation Army Air Force
    • February 2023: Cybersecurity and Cyberwarfare

Key reports and relevant recommendations

  • In June 2023, NDDN tabled a report titled The Cyber Defence of Canada based on its study of Cybersecurity and Cyberwarfare. The vast majority of the report’s recommendations are relevant to CSE, and five mention CSE directly:
    • Recommendation 19: That the Government of Canada mandate all federal government departments and request provincial, territorial, municipal, and Indigenous governments to provide a detailed list of critical infrastructure to Treasury Board and the Communications Security Establishment and update it annually.
    • Recommendation 20: That the Government of Canada increase funding to the Canadian Centre for Cyber Security to improve coordination between federal and provincial cybersecurity systems to better address incidents.
    • Recommendation 23: That the Government of Canada adapt and develop a comprehensive plan for the recruitment and retention of cyber operators which is competitive with the private sector to ensure positions are filled and the cyber skills gap is closed in the Canadian Armed Forces and the Communications Security Establishment.
    • Recommendation 26: That the Government of Canada take steps to clearly define the duties and responsibilities of the Canadian Armed Forces and the Communications Security Establishment as they relate to cyber security in Canada and abroad.
    • Recommendation 36: That the Government of Canada establish clear boundaries in the operations of the Communications Security Establishment between their signals intelligence and cybersecurity mandates, including ministerial authorization processes and reporting mechanisms
  • In June 2022, NDDN tabled a report titled Report 1 - An Interim Report on the Defence of Canada in a Rapidly Changing Threat Environment based on its study, Threat Analysis Affecting Canada and the Canadian Armed Forces’ Operational Readiness to Meet Those Threats. One of the recommendations mentions CSE directly:
    • Recommendation 10: That the Government of Canada invest in defensive and active cyber operations capabilities. As well, the Government should increase its recruitment and training of cyber specialists in the Canadian Armed Forces and the Communications Security Establishment, and ensure that all federal systems are adequately protected against cyber threats.
      • The government, in its response to the report, agreed with this recommendation.

Previous Meetings (2022-23 Session)

September 2022 – June 2023

Wednesday, December 15, 2021: Election of Chair
The Hon. John McKay (LPC) was elected Chair. Kerry-Lynne D. Findlay (CPC) was elected first vice-chair; Christine Normandin (BQ) was elected second vice-chair.

Monday, January 31, 2022: Committee Business

Wednesday, February 2, 2022: Threat Analysis Affecting Canada and the CAF Operational Readiness

Monday, February 7, 2022: Briefing by CSIS and CSE

Witnesses included:

  • Charlie Henderson, Assistant Director, Canadian Security Intelligence Service
  • David Vigneault, Director, Canadian Security Intelligence Service
  • Daniel Rogers, Associate Chief, Communications Security Establishment
  • Rajiv Gupta, Associate Head, Canadian Centre for Cyber Security, Communications Security Establishment

Wednesday, February 9, 2022: Briefing by the Minister of National Defence on her Mandate Letter

Witnesses included:

  • Hon. Anita Anand, Minister of National Defence
  • Bill Matthews, Deputy Minister of National Defence
  • Robin Holman, Acting Judge Advocate General, Office of the Judge Advocate General, Department of National Defence
  • Gen Wayne D. Eyre, Chief of the Defence Staff, Canadian Armed Forces, Department of National Defence
  • Shelly Bruce, Chief, Communications Security Establishment

Monday, February 14, 2022: Threat Analysis Affecting Canada and the CAF Operational Readiness (Meeting 2)

Wednesday, February 16, 2022: Threat Analysis Affecting Canada and the CAF Operational Readiness (Meeting 3)

Monday, February 28, 2022: Briefing on Canada, NATO and the Current Situation in Ukraine, and Threat Analysis Affecting Canada and the CAF Operational Readiness

Witness included:

  • MGen Paul Prévost, Director of Staff, Strategic Joint Staff, Department of National Defence

Wednesday, March 2, 2022: Threat Analysis Affecting Canada and the CAF Operational Readiness

Wednesday, March 9, 2022: Threat Analysis Affecting Canada and the CAF Operational Readiness

Monday, March 21, 2022: Threat Analysis Affecting Canada and the CAF Operational Readiness

Wednesday, March 23, 2022: Subject Matter of Supplementary Estimates (C) 2021-22

Witnesses included:

  • Hon. Anita Anand, Minister of National Defence
  • Bill Matthews, Deputy Minister of National Defence
  • Cheri Crosby, Assistant Deputy Minister, Finance, and Chief Financial Officer, Department of National Defence
  • LGen Frances J. Allen, Vice Chief of the Defence Staff, Canadian Armed Forces, Department of National Defence
  • Shoba Ranganathan, Acting Executive Director, Sexual Misconduct Response Centre, Department of National Defence
  • Troy Crosby, Assistant Deputy Minister, Materiel Group, Department of National Defence
  • Shelly Bruce, Chief, Communications Security Establishment

Monday, March 28, 2022: Threat Analysis Affecting Canada and the CAF Operational Readiness

Wednesday, March 30, 2022: Threat Analysis Affecting Canada and the CAF Operational Readiness

Monday, April 4 ,2022: Recruitment and Retention in the CAF

Wednesday, April 6, 2022: Recruitment and Retention in the CAF

Monday, April 25, 2022: Recruitment and Retention in the CAF

Wednesday, April 27, 2022: Committee Business and Recruitment and Retention in the CAF

Monday, May 2, 2022: Rising Domestic Operational Deployments and Challenges for the CAF

Wednesday, May 4, 2022: Committee Business

Monday, May 9, 2022: Rising Domestic Operational Deployments and Challenges for the CAF

Wednesday, May 11, 2022: Committee Business

Wednesday, May 18, 2022: Rising Domestic Operational Deployments and Challenges for the CAF

Wednesday, June 1, 2022: Committee Business and Threat Analysis Affecting Canada and the CAF Operational Readiness

Monday, June 6, 2022: Subject Matter of Main Estimates 2022-23

Witnesses included:

  • Hon. Anita Anand, Minister of National Defence
  • Bill Matthews, Deputy Minister of National Defence
  • Cheri Crosby, Assistant Deputy Minister, Finance, and Chief Financial Officer, Department of National Defence
  • LGen Frances J. Allen, Vice Chief of the Defence Staff, Canadian Armed Forces, Department of National Defence
  • Troy Crosby, Assistant Deputy Minister, Materiel Group, Department of National Defence
  • Shelly Bruce, Chief, Communications Security Establishment

Wednesday, June 8, 2022: Threat Analysis Affecting Canada and the CAF Operational Readiness

Monday, June 13, 2022: Recruitment and Retention in the CAF

Monday, June 20, 2022: Recruitment and Retention in the CAF

Tuesday, September 20, 2022: Threat Analysis Affecting Canada and the CAF Operational Readiness

Thursday, September 22, 2022: Committee Business and Threat Analysis Affecting Canada and the CAF Operational Readiness

Tuesday, September 27, 2022: Rising Domestic Operational Deployments and Challenges for the CAF

Tuesday, October 4, 2022: Rising Domestic Operational Deployments and Challenges for the CAF

Thursday, October 6, 2022: Rising Domestic Operational Deployments and Challenges for the CAF

Thursday, October 18, 2022: Arctic Security

Tuesday, October 25, 2022: Arctic Security and Committee Business

Thursday, October 27, 2022: Arctic Security

Tuesday, November 1, 2022: Arctic Security

Thursday, November 3, 2022: Arctic Security and Reports that Former Royal Canadian Air Force Pilots Have Undertaken Employment to Train Members of the People’s Liberation Army Air Force

Witness included:

  • BGen Denis Boucher, Director General Defence Security, Department of National Defence

Tuesday, November 15, 2022: Arctic Security

Tuesday, November 22, 2022: Arctic Security

Thursday, November 24, 2022: Arctic Security

Tuesday, November 29, 2022: Arctic Security

Thursday, December 1, 2022: Committee Business

Thursday, December 8, 2022: Arctic Security and Briefing on the 6th Report of the Auditor General, Arctic Water Surveillance

Witnesses included:

  • Chantal Thibaudeau, Director, Office of the Auditor General
  • Karen Hogan, Auditor General, Office of the Auditor General
  • Nicholas Swales, Principal, Office of the Auditor General

Tuesday, December 13 , 2022: Independent External Review of the Department of National Defence and the Canadian Armed Forces

Witnesses included:

  • Hon. Anita Anand, Minister of National Defence
  • Louise Arbour, Lawyer
  • Bill Matthews, Deputy Minister, Department of National Defence
  • LGen Frances J. Allen, Vice Chief of the Defence Staff, Canadian Armed Forces, Department of National Defence
  • LGen Jennie Carignan, Chief, Professional Conduct and Culture, Canadian Armed Forces. Department of National Defence
  • Linda Rizzo-Michelin, Chief Operating Officer, Sexual Misconduct Response Centre, Department of National Defence
  • Col Robin Holman, Acting Judge Advocate General, Canadian Armed Forces, Department of National Defence
  • Gen Wayne D. Eyre, Chief of the Defence Staff, Canadian Armed Forces, Department of National Defence

Tuesday, January 31 , 2022: Threat Analysis Affecting Canada and the Canadian Armed Forces’ Operational Readiness to Meet Those Threats

Witnesses Included:

  • Kati Csaba, Executive Director, Ukraine Strategic Action Team, Department of Foreign Affairs, Trade and Development
  • Gen Wayne D. Eyre, Chief of the Defence Staff, Canadian Armed Forces, Department of National Defence
  • MGen Michael Wright, Commander, Canadian Forces Intelligence Command and Chief of Defence Intelligence, Department of National Defence

Friday, February 3, 2023: Threat Analysis Affecting Canada and the Canadian Armed Forces’ Operational Readiness to Meet Those Threats

Witnesses Included:

  • Peter Lundy, Director General, Indo-Pacific Secretariat, Department of Foreign Affairs, Trade and Development
  • MGen Greg Smith, Director General, International Security Policy, Department of National Defence

Tuesday, February 7, 2023: Cybersecurity and Cyberwarfare

Witnesses included:

  • Sami Khoury, Head, Canadian Centre for Cyber Security, Communications Security Establishment
  • Alia Tayyeb, Deputy Chief of Signals Intelligence (SIGINT), Communications Security Establishment

Friday, February 10, 2023: Cybersecurity and Cyberwarfare

Witnesses included:

  • Thomas Keenan, Professor, University of Calgary (by videoconference) Amended
  • Alexander Rudolph, PhD Candidate, Carleton University
  • Kristen Csenkey, PhD Candidate, Balsillie School of International Affairs, Wilfrid Laurier University
  • Alexis Rapin, Research fellow, Raoul-Dandurand Chair of Strategic and Diplomatic Studies, Université du Québec à Montréal

Tuesday, February 14, 2023: Cybersecurity and Cyberwarfare

Witnesses included:

  • RAdm Lou Carosielli, Cyber Force Commander, Canadian Armed Forces, Department of National Defence
  • Jonathan Quinn, Director General, Continental Defence Policy, Department of National Defence
  • Marcus Kolga, Senior Fellow, Macdonald-Laurier Institute

Friday, February 17, 2023: Briefing on the Surveillance Balloon from the People's Republic of China

Witnesses included:

  • LGen Alain Pelletier, Deputy Commander, North American Aerospace Defense Command, Department of National Defence
  • MGen Paul Prévost, Director of Staff, Strategic Joint Staff, Department of National Defence

Tuesday, March 7, 2023: Briefing on the Surveillance Balloon from the People's Republic of China

Witnesses included:

  • Hon. Anita Anand, P.C., M.P., Minister of National Defence
  • Bill Matthews, Deputy Minister, Department of National Defence
  • Gen Wayne D. Eyre, Chief of the Defence Staff, Canadian Armed Forces
  • Jonathan Quinn, Director General, Continental Defence Policy, Department of National Defence
  • MGen Darcy Molstad, Deputy Commander, Canadian Joint Operations Command, Canadian Armed Forces, Department of National Defence

Friday, March 10, 2023: Cybersecurity and Cyberwarfare

Witnesses included:

  • Christyn Cianfarani, President and Chief Executive Officer, Canadian Association of Defence and Security Industries
  • Tim Callan, Chief Experience Officer, Sectigo
  • Christian Leuprecht, Professor, Royal Military College of Canada

Tuesday, March 21, 2023: Arctic Security (consideration of draft report)

Friday, March 31, 2023: Cybersecurity and Cyberwarfare and Meeting with a Delegation from Lithuania

Witnesses included:

  • Tadej Nared, Chairman of the Board, Slovenian Certified Ethical Hackers Foundation
  • John de Boer, Senior Director, Government Affairs and Public Policy, Canada, BlackBerry
  • Tim McSorley, National Coordinator, International Civil Liberties Monitoring Group
  • Žilvinas Tomkus, Vice-Minister of National Defence, Ministry of National Defence of the Republic of Lithuania

Friday, April 21, 2023: Briefing on the War in Ukraine

Witnesses included:

  • Kerry Buck
  • Ihor Michalchyshyn, Executive Director and Chief Executive Officer, Ukrainian Canadian Congress
  • Orest Zakydalsky, Senior Policy Advisor, Ukrainian Canadian Congress
  • Dr. Jack Watling, Senior Research Fellow for Land Warfare

Tuesday, April 25, 2023: Briefing on the War in Ukraine

Witnesses included:

  • Brian Jenkins, Senior Adviser to the President, RAND Corporation
  • Andrew Rasiulis, Fellow, Canadian Global Affairs Institute

Friday, April 28, 2023: Military Health System and Provision of Health and Transition Services under the Canadian Forces Health Services Group

Witnesses included:

  • LGen Lise Bourgon, Acting Chief of Military Personnel and Acting Commander Military Personnel Command, Canadian Armed Forces, Department of National Defence
  • MGen Marc Bilodeau, Surgeon General, Canadian Armed Forces, Department of National Defence
  • Cmdre Daniel Bouchard, Commander, Canadian Armed Forces Transition Group, Canadian Armed Forces, Department of National Defence
  • BGen Scott Malcolm, Commander, Canadian Forces Health Services Group, Canadian Armed Forces, Department of National Defence

Tuesday, May 2, 2023: Main Estimates 2023-2024

Witnesses included:

  • Hon. Anita Anand, P.C., M.P., Minister of National Defence
  • Caroline Xavier, Chief, Communications Security Establishment
  • Bill Matthews, Deputy Minister, Department of National Defence
  • Troy Crosby, Assistant Deputy Minister, Materiel Group, Department of National Defence
  • Gen Wayne D. Eyre, Chief of the Defence Staff, Canadian Armed Forces, Department of National Defence
  • Cmdre Ruth Dagenais, Deputy Chief Financial Officer, Canadian Armed Forces, Department of National Defence

Tuesday, May 9, 2023: Military Health System and Provision of Health and Transition Services under the Canadian Forces Health Services Group

Witnesses included:

  • Myriam Lafond, Managing Director, Crisis Center and Suicide Prevention of Haut-Richelieu-Rouville
  • Linna Tam-Seto, Assistant Professor, McMaster University, Canadian Institute for Military and Veteran Health Research
  • Col (Ret'd) Richard Pucci, Senior Health Care Executive
  • Maj (Ret'd) Dr. Karen Breeck
  • RAdm (Ret'd) Hon. Rebecca Patterson, Senator

Friday, May 12, 2023: Military Health System and Provision of Health and Transition Services under the Canadian Forces Health Services Group

Witnesses included:

  • Gregory Lick, Ombudsman, National Defence and Canadian Armed Forces Ombudsman
  • Robyn Hynes, Director General of Operations, National Defence and Canadian Armed Forces Ombudsman
  • Col (Ret'd) Nishika Jardine, Veterans Ombud, Office of the Veterans Ombudsman
  • Duane Schippers, Deputy Veterans Ombud, Office of the Veterans Ombudsman
  • RAdm (Ret’d) Hon. Rebecca Patterson, Senator
  • Maj (Ret’d) Dr. Karen Breeck
  • Nick Booth, Chief Executive Officer, True Patriot Love Foundation

Friday, June 2, 2023: Military Health System and Provision of Health and Transition Services under the Canadian Forces Health Services Group

Witnesses included:

  • Laurie Ogilvie, Senior Vice President, Military Family Services, Canadian Forces Morale and Welfare Services
  • Steven Harris, Assistant Deputy Minister, Service Delivery Branch, Department of Veterans Affairs
  • Jane Hicks, Acting Director General, Service Delivery and Program Management, Department of Veterans Affairs
  • Mark Roy, Area Director Central Ontario.
  • Dr. Ayla Azad, Chief Executive Officer, Canadian Chiropractic Association
  • Andrew P.W. Bennett, Director, Cardus
  • Matthew McDaniel, National Clinical Director, Veterans Transition Network

Tuesday, June 6, 2023: Cybersecurity and Cyberwarfare (consideration of a draft report)

Friday, June 9, 2023: Review of the Impact of Canada’s Procurement Process on the Canadian Armed Forces and Cybersecurity and Cyberwarfare (consideration of a draft report)

Witnesses included:

  • Yves Giroux, Parliamentary Budget Officer, Office of the Parliamentary Budget Officer
  • Christopher Penney, Advisor-Analyst, Office of the Parliamentary Budget Officer

Tuesday, June 13, 2023: Review of the Impact of Canada’s Procurement Process on the Canadian Armed Forces

Witnesses included:

  • Karen Hogan, Auditor General, Office of the Auditor General
  • Andrew Hayes, Deputy Auditor General, Office of the Auditor General
  • Nicholas Swales, Principal, Office of the Auditor General
  • Anessa Kimball, Full Professor, Université Laval (by videoconference)
  • Philippe Lagassé, Associate Professor, Carleton University

Friday, June 16, 2023: Review of the Impact of Canada’s Procurement Process on the Canadian Armed Forces

Witnesses included:

  • David Perry, President, Canadian Global Affairs Institute
  • Alan Williams, President, Williams Group
  • Hon. LGen Andrew Leslie
  • BGen (Ret'd) Gaston Côté (by videoconference)
  • LGen (Ret'd) Guy Thibault, Former Vice Chief of the Defence Staff, Conference of Defence Associations

Tuesday, June 20, 2023: External Monitor Report - First Status Report

Witnesses included:

  • Jocelyne Therrien, External Monitor
September 2023 – June 2024

Tuesday, September 19, 2023: Briefing on the War in Ukraine

Witnesses included:

  • Kati Csaba, Executive Director, Ukraine Bureau, Department of Foreign Affairs, Trade and Development
  • Alison Grant, Director General, International Security Policy Bureau, Department of Foreign Affairs, Trade and Development
  • MGen Paul Prévost, Director of Staff, Strategic Joint Staff, Department of National Defence
  • Ty Curran, Deputy Director General International Security, Department of National Defence

Thursday, September 21, 2023: Briefing on the War in Ukraine

Witnesses included:

  • Peter Lundy, Director General, Indo-Pacific Strategy Secretariat, Department of Foreign Affairs, Trade and Development
  • MGen Paul Prévost, Director of Staff, Strategic Joint Staff, Department of National Defence
  • MGen Greg Smith, Director General, International Security Policy, Department of National Defence
  • Dr. Harry Ho-Jen Tseng, Representative, Taipei Economic and Cultural Office in Canada
  • Bryan Chiao-Lu Ping, Executive Director, Taipei Economic and Cultural Office in Canada
  • Ethan Han-Ming Chen, Executive Assistant Director, Taipei Economic and Cultural Office in Canada

Tuesday, September 26, 2023: Review of the Impact of Canada’s Procurement Process on the Canadian Armed Forces

Witnesses included:

  • Richard B. Fadden
  • Richard Foster, Vice President, L3Harris Technologies Canada
  • Richard Shimooka, Senior Fellow, Macdonald-Laurier Institute
  • Project Ploughshares
  • Cesar Jaramillo, Executive Director

Tuesday, October 3 (2023): Review of the Impact of Canada’s Procurement Process on the Canadian Armed Forces

Witnesses included:

  • Mike Mueller, President and Chief Executive Officer Aerospace Industries Association of Canada
  • Christyn Cianfarani, President and Chief Executive Officer, Canadian Association of Defence and Security Industries
  • Alexander Jeglic, Procurement Ombudsman, Office of the Procurement Ombudsman
  • David Rabinovitch, Deputy Procurement Ombudsman, Office of the Procurement Ombudsman
  • Amy Dubeau, Director, Communications and Corporate Management, Office of the Procurement Ombudsman

Thursday, October 5 (2023): Review of the Impact of Canada’s Procurement Process on the Canadian Armed Forces

Witnesses included:

  • Demetrios Xenos, Director General, Industrial and Technological Benefits Branch, Department of Industry
  • Troy Crosby, Assistant Deputy Minister, Materiel Group, Department of National Defence
  • Simon Page, Assistant Deputy Minister, Defence and Marine Procurement, Department of Public Works and Government Services
  • Samantha Tattersall, Assistant Comptroller General, Acquired Services and Assets Sector, Treasury Board Secretariat

Tuesday, October 17 (2023): Canadian Armed Forces Health and Transition Services – Consideration of Draft Report

Thursday, October 19 (2023): Briefing on the Israel-Hamas Conflict

Witnesses included:

  • Dr. Raphael S. Cohen, Director, Strategy and Doctrine Program, Project Air Force, RAND Corporation
  • Jonathan Panikoff, Director, Scowcroft Middle East Security Initiative, Atlantic Council
  • Dr. Natan Sachs, Senior Fellow and Director, Center for Middle East Policy, The Brookings Institution

Tuesday, October 24 (2023): Review of the Impact of Canada’s Procurement Process on the Canadian Armed Forces

Witnesses included:

  • Alexander Jeglic, Procurement Ombudsman, Office of the Procurement Ombudsman
  • Alexis Ross, President, Apex Defense Strategies, LLC
  • Prof. Trevor Taylor, Director, Defence, Industries and Society Programme, Royal United Services Institute

Thursday, October 26 (2023): Briefing Session: PBO's Report, "A Force Structure Model of Canada’s Military"

Witnesses included:

  • Yves Giroux, Parliamentary Budget Officer, Office of the Parliamentary Budget Officer
  • Christopher Penney, Advisor-Analyst, Office of the Parliamentary Budget Officer
  • Binyam Solomon, Special Advisor, Office of the Parliamentary Budget Officer

Tuesday, October 31 (2023): Canadian Armed Forces Health and Transition Services (Consideration of Draft Report)

Thursday, November 2 (2023): Review of the Impact of Canada’s Procurement Process on the Canadian Armed Forces, Canadian Armed Forces Health and Transition Services (Consideration of Draft Report) and Committee Business.

Witnesses included:

  • Michael Clark, Manager, Business Development, FELLFAB Limited

Tuesday, November 7 (2023): Review of the Impact of Canada’s Procurement Process on the Canadian Armed Forces

Witnesses included:

  • Mary Gregory, Associate Assistant Deputy Minister, Industry Sector, Department of Industry
  • Troy Crosby, Assistant Deputy Minister, Materiel Group, Department of National Defence
  • Simon Page, Assistant Deputy Minister, Defence and Marine Procurement, Department of Public Works and Government Services
  • Samantha Tattersall, Assistant Comptroller General, Acquired Services and Assets Sector
  • Bombardier Inc., Treasury Board Secretariat
  • Eric Martel, President and Chief Executive Officer, Treasury Board Secretariat
  • Pierre Seïn Pyun, Vice President, Government and Industry Affairs, Treasury Board Secretariat
  • Anne-Marie Thibaudeau, Director of Capture and Proposal Management, Treasury Board Secretariat
  • Yana Lukasheh, Vice-President, Government Affairs and Business Development, SAP Canada Inc.
  • David Lincourt, Chief Expert, Global Defence and Security Industry Business Unit, SAP Canada Inc.
  • June Winger, National President, Union of National Defence Employees

Thursday, November 9 (2023): Rising Domestic Operational Deployments and Challenges for the Canadian Armed Forces

Witnesses included:

  • Klaus Buchmüller, Head, International Division, Federal Agency for Technical Relief (THW)
  • Christopher Banks, Sergeant (Retired)
  • Dr. Mike Flannigan, BC Innovation Research Chair, Predictive Services, Emergency Management and Fire Science
  • Hon. Mike Ellis, Deputy Premier and Minister of Public Safety and Emergency Services, Government of Alberta

Thursday, November 23 (2023): Rising Domestic Operational Deployments and Challenges for the Canadian Armed Forces

Witnesses included:

  • Hon. Bill Blair, P.C., M.P., Minister of National Defence
  • Bill Matthews, Deputy Minister, Department of National Defence
  • Gen Wayne D. Eyre, Chief of the Defence Staff, Canadian Armed Forces, Department of National Defence

Tuesday, November 28 (2023): Committee Business

Thursday, November 30 (2023): Lack of Military Housing and Challenges to Move Across the Country

Witnesses included:

  • Rob Chambers, Assistant Deputy Minister, Infrastructure and Environment, Department of National Defence
  • BGen Virginia Tattersall, Director General, Compensation and Benefits, Department of National Defence
  • Serge Tremblay, General Manager, Infrastructure and Technical Services, Department of National Defence
 
 

Page proofs

Organization summary
Data Authorities to date These supplementary estimates Proposed authorities to date
Transfers (dollars) Adjustments (dollars)
Budgetary voted
1b Program expenditures
925,204,916 (2,217,027) 15,041,064 938,028,953
Total voted 925,204,916 (2,217,027) 15,041,064 938,028,953
Total statutory 59,650,686 nil 2,372,531 62,023,217
Total budgetary expenditures 984,855,602 (2,217,027) 17,413,595 1,000,052,170
 
Explanation of requirements (dollars)
Data Vote Amount
Budgetary
Voted appropriations
Funding for the ongoing operations of the Canadian Centre for Cyber Security Vote 1b 10,771,964
Funding for the Interim Quantum Safe Capability project Vote 1b 1,592,171
Funding for government advertising programs (horizontal item) Vote 1b 1,500,000
Funding to enhance national security through an academic research initiative (Budget 2022) Vote 1b 1,176,929
Total voted appropriations n/a 15,041,064
Total statutory appropriations n/a 2,372,531
Transfers
Transfers from other organizations
From Shared Services Canada to the Communications Security Establishment to support the operation of the Secure Communications for National Leadership program Vote 1b 1,846,284
From the Department of Finance to the Canadian Security Intelligence Service and the Communications Security Establishment to support mitigation measures under the Retail Payment Activities Act Vote 1b 133,533
Transfers to other organizations
From various organizations to the Treasury Board Secretariat for financial community developmental programs and initiatives Vote 1b (10,000)
From various organizations to the Treasury Board Secretariat to support the Capacity Accelerator Project Vote 1b (15,000)
From various organizations to the Canadian Security Intelligence Service for the Integrated Terrorism Assessment Centre Vote 1b (298,410)
From the Communications Security Establishment to the Department of Foreign Affairs, Trade and Development for administrative support to departmental staff located at liaison offices abroad Vote 1b (1,172,798)
From the Communications Security Establishment to the Department of Foreign Affairs, Trade and Development in support of cyber security services Vote 1b (2,700,636)
Total transfers n/a (2,217,027)
Total budgetary n/a 15,196,568
 
Listing of statutory authorities
Data Authorities to date These supplementary estimates (dollars) Proposed authorities to date
Budgetary
Contributions to employee benefit plans 59,650,686 2,372,531 62,023,217
 
Items for inclusion in the Proposed Schedule 1 to the Appropriation Bill
(for the financial year ending March 31, 2024)
Vote number Items Amount ($) Total ($)
1b Communications Security Establishment
  • Program expenditures
  • Authority, as referred to in paragraph 29.1(2)(a) of the Financial Administration Act, to expend in the fiscal year — in order to offset expenditures that it incurs in that fiscal year — revenues that it receives in that fiscal year from its operations, including the provision of internal support services under section 29.2 of that Act
n/a 15,041,064
 
Supplementary Estimates (B), 2023–24
Statutory forecasts
Data Authorities to date These supplementary estimates (dollars) Proposed authorities to date
Budgetary
Communications Security Establishment
Contributions to employee benefit plans 59,650,686 2,372,531 62,023,217
Total budgetary 59,650,686 2,372,531 62,023,217
 
Supplementary Estimates (B), 2023–24
Expenditures by purpose
Budgetary Estimates to date These supplementary estimates Revised estimates
Operating Capital Transfer payments
(dollars)
Revenues and other reductions Total
Communications Security Establishment
Defend and advance Canada’s interests and values in and through cyberspace, and through foreign intelligence 965,909,359 18,906,128 nil nil (3,709,560) 15,196,568 981,105,927
Total 965,909,359 18,906,128 nil nil (3,709,560) 15,196,568 981,105,927
Total budgetary 965,909,359 18,906,128 nil nil (3,709,560) 15,196,568 981,105,927
 

Supplementary Estimates (B), 2023–24
Budgetary expenditures by standard object

This table shows the forecast of total expenditures by Standard Object, which includes the types of goods or services to be acquired, or the transfer payments to be made and the funds to be credited to the vote.

Definitions of standard objects available at: http://www.tpsgc-pwgsc.gc.ca/recgen/pceaf-gwcoa/2324/7-eng.html.

Budgetary expenditures by standard object
Data Personnel Transportation and communications Information Profesional and special services Rentals Purchased repair and maintenance Utilities, materials and supplies Acquisition of land, buildings and works Acquisition of machinery and equipment Transfer payments Public debt charges Other subsidies and payments Less: Revenues and other reductions Total
1 2 3 4 5 6 7 8 9 10 11 12
Communications Security Establishment 16,508,875 nil nil nil nil nil nil nil nil nil nil 2,397,253 3,709,560 15,196,568
Total 16,508,875 nil nil nil nil nil nil nil nil nil nil 2,397,253 3,709,560 15,196,568
 

Horizontal items

The items listed in this table are horizontal initiatives and other jointly funded items. Both types of horizontal items generally involve two or more organizations with a formal funding agreement (e.g. Memorandum to Cabinet or Treasury Board submission). Through horizontal initiatives, the organizations work in partnership toward the achievement of shared outcomes. In jointly funded items, organizations receive incremental funding, and each independently contributes to the realization of the stated objective(s).

Horizontal items
Organization Amount
(dollars)
Funding for government advertising programs
Communications Security Establishment 1,500,000
 
Last Modified
Update last modified date?
On
Date modified: