#CyberFLASH: Canada’s national cyber threat centre looking to expand

a-woman-uses-her-computer-keyboard-to-type-while-surfing-the-internet-in-north-vEveryone looks forward to April 1 as a sign that spring will really be here. Gwen Beauchemin, director of the federal government’s Canadian Cyber Incident Response Centre (CCIRC) is looking forward to it even more.

That’s because her budget for the new fiscal year starting on that date will allow here to up its staff to 87 from 43, which will help it expand its threat gathering capabilities as well as its threat intelligence services to Canadian organizations.

“We’re very thankful that we’re seeing messages now that the [new Liberal] government would like us to be more forward leaning and outward,” she said in an interview, “so I can only think that will raise awareness and the success of getting that information out to all.”

The centre, part of Public Safety Canada, has 1,200 provincial, municipal and private sector subscribers in the country — largely organizations in critical infrastructure — a number she’d like to substantially increase.

It pulls in over 1 million pieces of spam a day and identifies 300,000 different vulnerabilities. In 2015 it discovered over 87 million new pieces of malware.

The centre categorizes information in four levels based on the Traffic Light Protocol used by 14 countries. Each level carries increased risk to privacy or operations if misused: White, data that can be share with anyone (like a publicly announced Microsoft bug); Green, information that can be shared only with peers, and not via publicly accessible channels.; Amber (shared only with people the centre knows in its trusted community, and only with those who need to know,); and Red (limited distribution, unless it’s urgent).

Unlike the U.S., where a wide range of association-led private sector threat information sharing and analysis centres (ISACs) have sprung up, most of CIRC’s members are organizations.

Read more here

#CyberFLASH: Canada’s spies expecting a budget boost


computer-laptop-keyboard-852OTTAWA—Canada’s spies are expecting a budget boost when the Liberals table their first fiscal plan next month, documents released Tuesday show.

The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) have estimated an additional $95 million for intelligence and cyber defence operations next year.

The figures were released in the government’s main estimates document, a best-guess scenario for departments and agencies released a month before the Liberals table their first budget.

CSIS expects an additional $35.5 million “in support of Canada’s national security and the safety of Canadians.” A breakdown of CSIS budget — grouped vaguely into “intelligence” and “security screening” — shows most of the increase will go to intelligence operations.

CSE, the electronic spying and cyber defence agency, is expecting a net increase of $59.5 million “in support” of its mandate. Specifically, CSE expects to spend the money to increase its “capacity to address cyber threats and advancements in technology.”

Together, the two spy agencies estimate they’ll spend $1.2 billion in 2016-17, a slight increase compared to the 2015-16 estimates of $1.075 billion.

CSE spokesperson Lauri Sullivan said in a statementthat the funding will go to addressing several “key vulnerabilities” in government networks, as well as moving forward with the national Cyber Security Strategy.

“CSE’s mandate, including our unique skills in areas like cyber defence, are critical in advancing Canada’s national security priorities,” Sullivan wrote.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.