Canada's Leading Defence Magazine


Government of Canada releases its first Enterprise Cyber Security Strategy

Over the last few decades, public institutions and governments across Canada have become more and more reliant on the digital world to deliver programs and services. While providing faster and higher quality service delivery, reliance on information technologies means that the Government of Canada, like every other public and private sector organization in the world, is subject to ongoing and persistent cyber threats.

While there are already effective safeguards and procedures in place, there is a need to continuously strengthen them to detect, disrupt, and prevent cyber threats and to ensure the protection of government information and assets.

The Honourable Anita Anand, President of the Treasury Board of Canada (TBS) released the Government of Canada’s first Enterprise Cyber Security Strategy. The strategy is supported by Budget 2024’s investment of $11.1 million over 5 years to support its implementation.

The strategy outlines a proactive, whole-of-government approach to ensure that the Government can quickly and effectively combat cyber threats and address vulnerabilities across the government’s digital estate. The strategy aims to help safeguard government systems, protect Canadians’ information and strengthen the resilience of digital government to ensure the continued delivery of secure and reliable digital services. To achieve this, the strategy has outlined 4 main objectives:

  1. Articulate cyber security risks and their impacts
  2. Prevent and resist cyber attacks more effectively
  3. Strengthen capabilities and resilience across the government to proactively prepare for, respond to and recover from cyber security events
  4. Attract a diverse Government workforce with the right cyber security skills and knowledge

The immediate implementation of the strategic goals will begin with the first phase to support:

  • Establishing a centralized evaluation system with independent assessments and thorough reviews of departments’ cybersecurity to identify and prioritize risks.
  • Creating a federated integrated risk management platform to enable prioritization and data-driven reporting as a key part of a broader enterprise portfolio management system.
  • Creating a government-wide vulnerability management program for a coordinated vulnerability disclosure process and will focus on people, processes, policies, and technology.
  • Forming a new Purple Team that will emulate techniques used by malicious threat actors against government systems to proactively test and audit any security gaps.

TBS will continue to work with its partners, including Shared Services Canada and the Communications Security Establishment to effectively respond to and recover from cyber events in a timely manner and maintain the continuous delivery of Government programs and services for Canadians.

“In a world when going digital is more and more our reality, we must ensure that our systems remain secure from cyber threats and deliver the highest quality of programs and services to Canadians. To achieve this, we are announcing the first of its kind GC Enterprise Cyber Security Strategy to help us manage risk, prevent cyber attacks, strengthen our resilience, and cultivate a strong cyber security culture. Together, with our partners we will work to support a robust and modern digital infrastructure while ensuring our workforce has the talent and knowledge to foster cyber security.”

–       The Honourable Anita Anand, President of the Treasury Board

“The Government of Canada needs to act quickly and effectively to combat cyber threats and protect Canadians’ information. In an increasingly online world, this new Cyber Security Strategy provides clear guidance that will help us prevent cyber attacks and respond to and recover from them when they happen. Through this strategy, we are making our systems more resilient and keeping Canadians’ information safe.”

–       The Honourable Bill Blair, Minister of National Defence

“As the cyber security risk landscape evolves, we need to keep pace with new threats and challenges by working across government organizations with coherent and effective actions. The GC Enterprise Cyber Strategy will deliver modern, secure, and accessible digital tools and government services that better protect Canadians.” 

–       The Honourable Jean-Yves Duclos, Minister of Public Services and Procurement

  • Government of Canada’s cyber defense tools include the Cyber Security Event Management Plan tabletop exercises and government website security monitoring.
  • The Treasury Board of Canada Secretariat, the Communications Security Establishment and Shared Services Canada work collaboratively to protect the Government of Canada from cyber threats.
  • The Key Performance Indicators to be reported on are available in Appendix A of the strategy.
  • Further actions include SSC’s enterprise-wide initiatives to strengthen cyber security protections for Government of Canada IT systems and infrastructure.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top
Please fill out the following information to be added to our newsletter distribution list.
Please enable JavaScript in your browser to complete this form.