In a move to shore up Canada's national security, almost C$700 million (US$518 million) is going toward the task, Ottawa announced on Tuesday.
While the largest amounts are destined to enhance marine security and intelligence capabilities (C$308 million and C$137 million respectively), information technology was not left out. To secure critical government information systems, C$85 million has been set aside; C$10.31 million will go toward implementing a biometric passport strategy; and C$5 million to set up a national cyber-security task to develop a national cyber-security strategy.
John Reid, president of Canadian Advanced Technology Alliance (CATA), is pleased overall with the government's announcement but he was a little disappointed that "there isn't any mention of the commercial opportunity that there is here," he said. "We would have liked to see that a little more explicit."
The IT industry has been particularly hard hit during this recent economic slump and Reid said CATA identified 700 Canadian companies that could provide products and jobs to help achieve Ottawa's security plan. Not only that, but Canada exports a tremendous amount of technology to the U.S., where security is a top priority. "So if we take progressive steps in creating a plan...that is very beneficial to the high-tech sector."
The C$85 million is necessary for the government to overcome one of its biggest security hurdles -- integration. Reid likes to use a switchboard analogy. "None of those buttons are connected together ... which means that you don't understand fully what your exposure and risks are," he said. "So it is a significant IT investment to integrate those systems."
A senior policy advisor in Deputy Prime Minister Anne McLellan's office said the money will be used to strengthen everything from government Web sites to databases to e-mail systems. "We are moving toward a government online ... (so we are) more prone to cyber attacks."
Reid said Canada is not alone in its security vulnerability predicament. "It is not only a criticism of Canada, it is basically a criticism of most countries where you tend to have fiefdoms as opposed to integration."
That these IT security issues are only being addressed now was less of a concern for Bill Munson than the fact they are finally on the table. "Yeah, it is a long time in coming but ... the good news is that it is here, what's past is past," said the director, policy with the Information Technology Association of Canada (ITAC).
The national cyber security strategy, though Canada specific and involving both the public and private sector, will be out with in a year. "We need to have a cyber-security strategy for the country," the senior policy advisor said. "There are officials who are monitoring cyber security but we recognize a lot more has to be done and this is why we want to formalize the process ... to have a national cyber-security strategy."
Both Reid and Munson said it is necessary to use international contacts to make the cyber-security strategy work since a nationally limited focus, in the era of cyber space, is of little use. "You want to build on (an) international architecture, so the mandate of the ... task force would have to have a pretty significant international component," Reid said. Munson agreed, "each of those sectors (public and private) have their own strong links to the international community."
For example, international cooperation will be extremely important when biometric passports are issued in the coming years. "A biometric system that doesn't share information is inefficient...the international component is very high," Reid said.