By Dain Oh, The Readable
May 5, 2023 9:10AM GMT-7 Updated May 5, 2023 5:35PM GMT-7
San Francisco ― It was 2014 when Canadians found themselves falling victim to hacking. In July of that year, government investigators in Canada confirmed that the digital footprints, discovered in the network of the National Research Council of Canada (NRC), belonged to Chinese state-sponsored hackers. The NRC is the research and development hub for the nation, with a core mission to foster industrial innovation that will lead to economic prosperity in the future.
Four years later, the Canadian government announced the establishment of the Canadian Centre for Cyber Security (the Cyber Centre) within the Communications Security Establishment (CSE). Committed to protecting Canadians from cyber threats, the Cyber Centre has become “the single unified source of expert advice, guidance, services and support on cybersecurity for Canadians and Canadian organizations.” Sami Khoury took on the role of Head of the Canadian Centre for Cyber Security in 2021, after previously serving as the Chief Information Officer for CSE.
The Readable sat down with Khoury, who was visiting San Francisco for the RSA Conference, to learn about the work that the Cyber Centre has done since its foundation.
◇ Building one voice for national cybersecurity
“Through the big incident in 2014, we learned a lot about how to do cybersecurity,” recalled Khoury who inspected the breach for CSE at that time. “By 2018, we [CSE] were recognized as the experts for the government in cybersecurity.” This acknowledgement consequently made the Canadian government consolidate its cybersecurity functions, which had previously been conducted by several different departments, into the single agency of CSE.
The National Cybersecurity Strategy, announced in June of 2018, signaled that the government would speak about cybersecurity with one voice through CSE. The strategy introduced the Cyber Centre as the first measure to fortify national cybersecurity, mentioning that the funding granted to the center was “to support leadership and collaboration between different levels of government and international partners, while providing a clear and trusted resource for Canadian citizens and businesses.”
Furthermore, Ralph Goodale, the Minister of Public Safety and Emergency Preparedness Canada, wrote in the publication that the importance of the strategy’s core goals was reflected in Canada’s annual budget, investing more than 500 million dollars in cybersecurity over five years. “As the largest single investment in cybersecurity ever made by the Canadian government, Budget 2018 demonstrates our commitment to safety and security in the digital age,” stressed the Minister.
“As a result, officials who were covering cybersecurity in other departments were all transferred to CSE,” said Khoury. In October 2018, the Cyber Centre was officially launched under CSE, as Canada’s national authority on cybersecurity and cyber threat responses. According to the head of the Cyber Centre, additional mandates were given to CSE, which is now “much bigger than just the government,” enabling the Cyber Centre to supervise cybersecurity for critical infrastructure, small and medium businesses, and citizens.
◇ Cyber threats in plain language
On its website, the Cyber Centre describes its role as “the single unified source of expert advice, guidance, services, and support on cybersecurity for Canadians and Canadian organizations.”
The most significant work that the center has undertaken is evident in its reports, which are written in plain language that the general public can understand. For example, the center updates a report named “An Introduction to the Cyber Threat Environment” along with its regular publication of the National Cyber Threat Assessment (NCTA) report which is published every other year. Defining major terms in its cyber report, such as the term “cyber threat,” the introductory document “provides baseline knowledge about the cyber threat environment, including cyber threat actors and their motivations, sophistication, techniques, tools, and the cyber threat surface.”
The NCTA is published biyearly in October, which is Cybersecurity Awareness Month, with an aim to enhance the understanding of cybersecurity among Canadian citizens. The center publishes only one version of its report so that citizens can refer to a single source for information on cyber threats. The latest version warned about five key dangers, including ransomware attacks, risks imposed upon critical infrastructure, and influence operations in online spaces. Disruptive technologies, including digital assets, machine learning, and quantum computing, were also notable topics in the current publication.
“We work on our reports for six months and more, choosing themes and sourcing information from our intelligence side, but at the end of the day, there is only one national cyber threat assessment, and that assessment is unclassified because we want all Canadians to read it and understand what kinds of threats they are facing,” elaborated Khoury. “There is only one document, and it is written in a language that people can understand.”
◇ Public awareness and the launch of a collaboration center
Khoury mentioned two ways to enhance the public awareness on cybersecurity. One is to publicly inform people of potential threats that could cause severe damage to Canada. Another is to share the government’s decisions regarding cyberattacks that are related to Canadian industries. The Cyber Threat Bulletin of the Cyber Centre is being run to achieve these goals in order to attract the general public’s attention to cybersecurity.
In 2020, the Canadian government attributed cyber incidents against COVID vaccine research to Russia. Last year, the government attributed a global cyber campaign forced onto Microsoft Exchange to China. Once these “powerful decisions” are made by the government, the Cyber Centre plays a role in notifying its citizens of related threats “as one voice at the table,” according to Khoury.
The Canadian government has been increasing its investment in cybersecurity, allocating an additional 850 million dollars to the digital safety budget last year. Most importantly, the Cyber Centre is planning to launch its collaboration center within this year, embracing the public and private sectors as well as its international partners. “We are looking for our colleagues around the world, and we want to do it right,” said Khoury.
The cover image of this article was designed by Sangseon Kim, The Readable. The photo of Sami Khoury was provided by the Canadian Centre for Cyber Security.
Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expertise in leading media outlets to success. Prior to establishing The Readable, Dain was a journalist for The Electronic Times, a prestigious IT newspaper in Korea. During her tenure, she extensively covered the cybersecurity industry, delivering groundbreaking reports. Her work included exclusive stories, such as the revelation of incident response information sharing by the National Intelligence Service. These accomplishments led to her receiving the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology, a well-deserved accolade bestowed upon her through a unanimous decision. Dain has been invited to speak at several global conferences, including the APEC Women in STEM Principles and Actions, which was funded by the U.S. State Department. Additionally, she is an active member of the Asian American Journalists Association, further exhibiting her commitment to journalism.