Last Updated: 2011-01-24 23:32:23 UTC
by Adrien de Beaupre (Version: 1)
Public Safety Canada released their version of a Cyber Security Strategy today. My first impression is that the document is a good start, albeit a bit late. It does demonstrate that the government is trying to show leadership in this area, which is a good thing. What the strategy document lacks is the pragmatic plan and specific steps required to implement it. The document will also serve as the report card for Canadians to evaluate the progress of the various departments that currently handle aspects of cyber security within the levels of government. Particularly Public Safety. In twelve months from now all of the items in their strategy should be reality. Each of the three primary areas the strategy covers are equally important in the long term, and require a significant investment in time, funding, cooperation, partnerships, and leadership. Government systems, applications, and networks must be secured. New better partnerships must be created with all stakeholders in the private and public sectors. The public have the right to expect both guidance and assistance in securing their home computers and identities.
I believe that this truly underscores the need for a national CIRT/CERT in Canada, an organization that can help Canada meet these requirements and follow the steps as laid out in the strategy, as unfortunately it does not currently exist.
It is a step in the right direction, however many more are required.
The strategy is outlined here:
Tell us what you think, or comment below!
Adrien de Beaupré, Handler, SANS Internet Storm Center
Senior IT Security Consultant