Awareness of Canadian cyberspace security issues should be less like the hum of elevator music and more like the blast of a teenager’s stereo, says the president of a national information technology lobby group.
Gaylen Duncan, president of the Information Technology Association of Canada (ITAC) said that the White House’s announcement Tuesday that National Security Council member Richard Clark would become the presidential adviser for cyberspace security brings the U.S. up to speed on cybersecurity awareness. Now, he said, Canada needs to catch up.
“I think it (the new American post) is going to spend some time working out the mandate, but at least the debate is engaged in the States, but here it is just humming in the background; it is not engaged,” he said. “It is like background music and we want to get it more like my son’s music from Napster.”
Duncan added that he was pleased last February when Prime Minister Jean Chretien created the Office of Critical Infrastructure Protection and Emergency Preparedness and appointed Margaret Purdy to associate deputy minister of national defense, making this office one of her prime duties.
“It is still working out what its mandate is,” he said. “It may be a bit late off the starting gate, but at least we are headed down the right road. I think what we need to do is get the right kinds of people around the table to get talking.”
As President George Bush’s special adviser for cyberspace security, Clarke is directed to help mesh ongoing critical infrastructure protection efforts in various government agencies and the private sector. In the case of disruption, he will orchestrate efforts to restore systems.
Max London, a spokesperson at the office of critical infrastructure protection and emergency preparedness in Ottawa, said Canada’s plan is a little different structurally than the United States, but that it makes sense.
“Canada is the only country in the world that has combined the cyber protection issue with a more traditional emergency management function,” London said. He explained that the combination of the two was logical because many of the government’s necessary systems and networks are closely tied to services that protect the health, safety and well being of citizens such as communications, transportation and services like utilities and banking.
“The recognition was that these sectors are increasingly reliant on information technology,” he said. “A failure in one sector could have a cascading effect in other sectors.”
London added that the threats the systems face, which include human and natural disasters from cyber espionage to ice storms, are better dealt with in an “all hazards approach.”
However, Duncan would like to see government take one more step beyond government security issues into an awareness capacity.
“I am assuming that between CSIS and the RCMP and the military and the communications establishments, I am assuming the national networks are protected – that we have the best whiz-bangers advising the politicians on what they should be doing and they are doing it,” he said.
“That, I think is even more true since Sept. 11 than it’s ever been. But what if someone wanted to pick off the top 30 (private) companies on the stock exchange and interrupt the economy. Is there a role for government there? I kind of think there is.”
London agreed that the terrorist attacks on Sept. 11 changed the world and security policies forever.
“We did step up our monitoring of critical monitoring across the board and we have been working with other departments and the provinces,” he said. “We will continue to provide updates on threat information as we get them. At this point, we say that we can’t be complacent. It makes sense to be vigilant.”
With files from IDG News Service
ITAC in Toronto is at www.itac.ca
The Office of Critical Infrastructure Protection and Emergency Preparedness in Ottawa is at www.epc-pcc.gc.ca