How Canada’s Cybersecurity Strategy Addresses Remote Work, Aging Infrastructure

The Treasury Board of Canada aims to address the cybersecurity challenges posed by remote work, cloud computing, aging infrastructure, and recruitment of skilled cybersecurity personnel. Canada’s cybersecurity strategy, as reported by Monique Mulima in the Insurance Journal, is relatively comprehensive. Still, it unfolds at a leisurely pace, with minimal funding of $8 million US over two to five years.

When the plan was announced in late May of this year, Canada’s Financial Transactions and Reports Analysis Centre, the Royal Canadian Mounted Police, and Global Affairs Canada had all reported cyber incidents.

According to Treasury Board President Anita Anand, government departments and agencies lacked “repeatable” processes to identify and respond to new and emerging cyber threats as of the fiscal year ending in 2023.

Many government employees switched to remote work during the pandemic and remain on hybrid work schedules. Canada’s cybersecurity strategy aims to make working from home more secure by expanding multi-factor authentication and introducing always-on protection against malware and viruses.

According to the article, the government’s increasing use of mobile devices, cloud-based services, and third-party software at the departmental or agency level leads to inconsistencies.

The plan envisions a security operations center monitoring cloud and other network-connected devices across departments and agencies. It also plans to create a team system to simulate cyberattacks and assess defenses to identify gaps in cybersecurity.

There is a component of partnership with colleges and universities that increases the hiring of cybersecurity professionals because the government has struggled to find people trained to work in cybersecurity.