15 / 32
September 2016 //
Canadian Government Executive /
15
Strategy
response centers, as well as federal and
international intelligence partners. Other
Government of Canada organizations also
work closely with CCIRC. For example,
the Communications Security Establish-
ment and Shared Services Canada provide
insight on cyber events targeting Govern-
ment of Canada systems; the Royal Cana-
dian Mounted Police provides expertise on
cybercrimes; and the Canadian Security
Intelligence Service shares expertise on
cyber espionage.
CCIRC’s success depends on its alliance
with private sector and intergovernmen-
tal and international partnerships. Over
the past years, CCIRC’s network of part-
ners has grown exponentially. It has es-
tablished trusting partnerships in Canada
and abroad, and seeks new ones. Gener-
ally speaking, CCIRC’s work involves mul-
tiple processes that feed into each other
in an ongoing operational cycle. As more
data get analyzed, shared and fed back
to CCIRC’s partners, they in turn provide
CCIRC with more information. In addition
to this, CCIRC monitors its own productiv-
ity and practices for accuracy and efficien-
cy, using this information to continually
improve its processes.
CCRIC’s mission is critical. The expertise
of its highly trained and experienced staff
makes it essential for Canadian organiza-
tions looking to mitigate or resolve cyber
security issues. Indeed, CCIRC offers an
additional safeguard for its partners: it
notifies them of potential, imminent or
actual cyber threats, vulnerabilities or in-
cidents that could impact their organiza-
tion. It also can provide them with advice
and support to respond to and recover
from targeted attacks. The relationship, of
course, is mutual. CCIRC also relies on its
partners to do their part in sharing cyber
threat information in a timely manner.
CCIRC builds on its existing partner-
ships. It hosts an annual Geek Week event,
an IT security workshop with peers from
the cyber technical community which fo-
cuses on solving current cyber security
problems faced by Canadian critical in-
frastructure owners and operators. Dur-
ing the week-long event, participants (IT
professionals from the public and private
sectors, and international counterparts)
work together to develop innovative tools
to address complex cyber issues and to ad-
vance cyber security. Some of the tools cre-
ated during the last events are actually be-
ing used today by IT security specialists to
process threat information. It is a unique
opportunity where security experts share
expertise, learn new skills and, more im-
portantly, build trusting relationships.
“Geek Week is one of the most meaning-
ful Canadian events that is currently held,”
said Natasha Hellberg from Trend Micro,
one of the IT companies that participated
in the event. “It brings together individu-
als from a range of industries and partners
to collaborate on specific and practical is-
sues facing IT security shops today,” she
observed. “Innovation can only happen
through collaboration, and I’m deeply
grateful to CCIRC for their efforts to build a
strong community to make Canadians bet-
ter protected and applaud their hard work
in putting such a great event together.”
The third edition of the event and it will
take place in Ottawa at the end of October.
It will be the biggest event to date with
some of the most reputable IT profession-
als working in leading technology driven
organization, including many private and
international CCIRC partners. It will also
be the first time that this event will be or-
ganized in partnership with a University.
The Technology Innovation Management
program, an innovative master’s program
at Carleton University in Ottawa will be
this year’s partner; allowing for the par-
ticipation of a select group of students and
professors. This new level of partnership is
strengthening the Government’s relation-
ship with academia and helping to build
Canada’s next generation of IT experts.
“Our best defence against cyber threats is
our ability to work together,” said CCIRC’s
former director Gwen Beauchemin. “To-
day’s malware is 50% different than yester-
day’s, and there are not enough cyber ex-
perts to fill Canadian vacancies. By sharing
information on cyber security threats and
defensive techniques, experts can identify,
prevent and mitigate cyber risks more ef-
fectively. CCIRC has the means to gather,
analyze and share the Canadian cyber
threat picture as well as partner with In-
ternational counterparts to see the Global
threat landscape. We are always looking to
build new trusted partnerships with own-
ers and operators of vital cyber systems to
help us better protect Canada and Canadi-
ans against cyber incidents.”
As new technologies emerge, they bring
many advantages for businesses, but also
vulnerabilities that could undermine na-
tional security and Canada’s economy.
There is a need for Canada and businesses
to not only adapt to new cyber realities, but
to anticipate them and be more innovative.
Public Safety Canada is leading the Govern-
ment’s review of Canada’s cyber security
measures to fortify Canada’s approach to
cyber security by being even more proac-
tive, innovative and capable of adapting to
the incessant evolution of cyberspace.
As part of this review, a public consulta-
tion on cyber security is currently under-
way to hear and learn from businesses,
academics, experts, stakeholders, as well
as Canadian citizens, students and busi-
ness leaders interested in this topic. This is
a broad engagement consisting primarily
of online consultation, as well as some in-
person engagement with existing Govern-
ment cyber security networks and tables,
including stakeholders and partners. The
Government is looking for views and ideas
on various trends and challenges of cyber
security in different areas such as its evo-
lution, economic significance and growth.
The consultation is also an opportunity to
get a sneak peek and provide feedback on
the Government’s way forward and some
new initiatives under consideration. The
information gathered will help identify
gaps to be addressed and opportunities to
increase Canada’s cyber security capability,
resilience and innovation. It will also help
to identify opportunities to carve out Cana-
da’s competitive advantage in this field and
to maximize the benefits of digital life for
Canadian citizens and businesses.
Prior to 2010, CCIRC had fewer than ten employees to respond to
incidents and publish technical reports. In 2011, CCIRC’s mandate
was refocused to provide national-level cyber security coordination
for systems outside of the federal government, especially Canadian
critical infrastructure organizations.