Yesterday’s Federal Budget had a lot in it for people to pick apart. But being an IT Nerd, I am focused on the new spending for cybersecurity:
Announced this afternoon, Budget 2022 also proposes to provide $238.2 million per year after the initial five year period for additional measures to address the rapidly evolving cyber threat landscape. The budget still has to be passed by Parliament.
The spending will include:
–$263.9 million over five years, starting in 2022-23, and $96.5 million annually ongoing to enhance the Communications Security Establishment’s (CSE’s) abilities to launch offensive cyber operations to prevent and defend against cyber attacks. The CSE is a division within the Defence Department that is responsible for protecting federal IT networks;
–$180.3 million over five years, starting in 2022-23, and $40.6 million per year ongoing to enhance CSE’s abilities to prevent and respond to cyberattacks on critical infrastructure;
–$178.7 million over five years, starting in 2022-23, and $39.5 million annually ongoing to expand cyber security protection for small departments, agencies, and Crown corporations; and,
–$252.3 million over five years, starting in 2022-23, and $61.7 million per year ongoing for CSE to make critical government systems more resilient to cyber incidents.
There would also be extra money to help cybersecurity researchers in fields such as quantum computing and artificial intelligence.
Those are big numbers. Thus this must be good. Right? I reached out to an expert to answer this question. Specifically David Masson, Director of Enterprise Security at cybersecurity AI firm, Darktrace:
“The Canadian Centre for Cyber Security, the public-facing arm of the CSE, has issued several cyber threat bulletins and advisories warning Canadian organizations operating critical infrastructure (CI) of the threat of cyber-attacks from Russia and Russian sponsored-proxies. It is no surprise that the Canadian Government underscores this priority with the allotment of $180 million to protect these increasingly vulnerable organizations and an additional $252 million to build government cyber-resilience in the face of incoming cyber-threats.
In addition to protecting CI and strengthening government defences, the vast majority of the announced budget will support the CSE in boosting its cyber capabilities, including launching offensive cyber operations against malicious actors. This shift to offensive cyber operations to succinctly combat cyber-attacks may indicate troubling intelligence surrounding impending cyber-threats. Overall, the new budget emphasizes cyber “defence,” where the strategic advantage will be with those who can defend most successfully and quickly – not focused on attacking their enemy. This funding is an essential step in ensuring that Canadian organizations do not get left behind in the global cyber war.”
It seems that Mr. Masson thinks this is positive. So I will go with that. Hopefully the Federal Government spends this money wisely so that Canadians are protected from cyber threats of all sorts.
Is It Time To Make The Internet An Essential Service And Hold Canadian Telcos Accountable For Providing That Service?
Posted in Commentary with tags Canada, Internet on May 18, 2022 by itnerdBack in 2016, the CRTC said that high speed Internet was “essential”. This is what they meant by that at the time:
As part of declaring broadband a “basic” or essential service, the CRTC has also set new goals for download and upload speeds. For fixed broadband services, all citizens should have the option of unlimited data with speeds of at least 50 megabits per second for downloads and 10 megabits per second for uploads — a tenfold increase of previous targets set in 2011. The goals for mobile coverage are less ambitious, and simply call for “access to the latest mobile wireless technology” in cities and major transport corridors.
The CRTC estimates that some two million Canadian households, or 18 percent of the population, do not currently have access to their desired speeds. The $750 million government fund will help to pay for infrastructure to remedy this. The money will be distributed over five years, with the CRTC expecting 90 percent of Canadians to access the new speeds by 2021.
The new digital plan also touches on accessibility problems, with CRTC mandating that wireless service providers will have to offer platforms that address the needs of people with hearing or speech disabilities within six months. Blais said this timeline was necessary, as the country “can’t depend on market forces to address these issues.”
Fast forward to 2022 and this really doesn’t go far enough to address what I think “essential” means to Canadians. Given that a lot of us still work from home, and the Internet is the difference between earning a paycheque and not earning one, or learning and not learning, I think that this needs to change. Now Public Safety Canada has a list of what it defines as “Essential Services” which it defines as this:
Canada’s National Strategy for Critical Infrastructure defines critical infrastructure as the processes, systems, facilities, technologies, networks, assets, and services essential to the health, safety, security or economic well-being of Canadians and the effective functioning of government.
And while this list does list “Information and Communication Technologies” as part of this, I think it needs to go further to include not only the Internet specifically, but it should also include telcos like Rogers, Bell, and Telus so that they are responsible for maintaining and resolving issues to a high standard. As in resolving issues within hours and not days. And having a minimum uptime guarantee that said telcos are held accountable to. Now I know that Rogers, Bell, Telus and others would say that this isn’t required and they go above and beyond for their customers. But while I agree that these telcos do the best that they can to resolve customer issues in what they consider to be a timely manner, I don’t think that’s good enough. When the Internet goes out for a single home or a group of homes, even for a few hours, there are people who aren’t learning or making a living. That affects the economy. That alone makes it worthwhile to explore this idea and to take action to make it reality. And perhaps if something like this came into effect, telcos would spend a lot more time and effort to ensure that their networks were resilient enough so that outages became corner cases. That would be good for all Canadians.
What do you think? Should Canada do more to make the Internet an “essential service” as I’ve described above? Please leave a comment and share your thoughts.
Leave a comment »