In Canada, no national cybersecurity strategy exists. Promises made by government officials to get this done have been left unfulfilled. No overall plan also means no general policies in place to provide more holistic guidance to the government and private sectors – now and in times of cyberwarfare.
Industry pundits are speaking out loudly against this major absence and calling for the government to establish an overarching cybersecurity strategy akin to one created by the Obama administration last year. Along with it, an official – like U.S. Cyber Security Coordinator Howard Schmidt – should be named, which hopefully would encourage government and private sectors to work together to implement best practices, policies and plans. These initiatives would keep critical informational assets safe from hackers, as well as from those engaging in cyberespionage/cyberwarfare.
Yes, the Canadian government launched the Canadian Cybersecurity Incident Response Centre in 2005, but, as Reporter Danny Bradbury points out in this month's feature story, most see it being used for nothing more than tracking major vulnerabilities.
In short, there has been plenty of talk about cybersecurity on the national level in Canada, but far too little action. Bradbury reveals this may change, however. His sources reveal that a document was drafted to establish a cohesive national strategy. Others view this development with a bit more skepticism, noting that the document likely will be too narrowly focused to result in any real steps toward the establishment of an overall cybersecurity strategy for the country and, as a result, sweeping improvement to its current questionable stance.Meantime, as calls for strengthening the country's information security posture continue, a focus on still-lingering economic woes by government officials continues. This single-mindedness, some say, is exactly why no progress is being made on the information security front. Advisory board members for the forthcoming SC Congress Canada event, which will be held in November, noted in a recent meeting with SC Magazine staff that their country indeed is behind the United States when it comes to getting organized about information security. Unfortunately, it seems this environment is likely to persist, at least through several more months as Parliament recesses for summer. As the saying goes: there is no rest for the wicked. Cybercriminals no doubt will continue launching money-grabbing attacks – even while officials relax lake- or beachside.