Good afternoon, Mr. Chair and committee members. It's a pleasure to be with you today.
I'm Sony Perron, the executive vice-president of Shared Services Canada. I'm accompanied today by Mr. Matt Davies, deputy chief technology officer for SSC.
As you are aware, Minister Murray's mandate includes leading a transformation of the Government of Canada into a more digital government in order to improve citizen service. To effectively modernize how we deliver digital services to Canadians, we are investing resources to develop a fast and reliable network that is secure.
As we move to more services online, the risk to Canadians' and the Government of Canada's information is increasing. Robust enterprise cybersecurity services are essential to our plan, and we must accelerate investment in order to keep ahead of our threat actors.
As you can imagine, network security is more important than ever as Canadians access more programs and services online, such as the Canadian emergency response benefit, as more public servants are working remotely.
Prior to the pandemic, approximately 20,000 public servants accessed the network remotely on a typical day. To enable public servants to work from home, Shared Services Canada,SSC, was able to rapidly increase the secure remote access capacity. It can now support 290,000 simultaneous connections. This allowed public servants to continue to serve Canadians during a critical time.
SSC also acquired a suite of collaboration tools so that federal public servants were able to continue working. Today, almost all federal employees are using Teams, which offers a Protected B level of security.
The number of those working online is just astronomical from our perspective. This transition to a distributed workplace has been done without compromising IT security. We are very aware that as the use of digital tools and teleworking increases, so does the risk of being the target of malicious cyber-activity.
SSC is continually updating its security infrastructure and software to leverage the latest security measures. We are committed to protecting the Government of Canada’s data, information, and information technology infrastructure, along with the data and privacy of our citizens so Canadians can rely on a secure, stable and resilient digital government.
We collaborate with the Canadian Centre for Cyber Security and the Treasury Board Secretariat office of the chief information officer. They are essential partners for SSC for the conception and deployment of responsive IT solutions.
In addition, each and every day we intercept two billion malicious activities. These are not theoretical cyber-threats. They are real, and they are organized. Again, in such context, the collaboration and coordination with our partners is critical.
Recently exploited vulnerabilities to SolarWinds and Microsoft Exchange have highlighted the need to be able to respond to cyber incidents quickly and pivot to new technologies.
We recently published a strategy paper on the way forward to modernize the network, which solicited feedback from our various industry partners and stakeholders on the future state of the network.
The paper outlines a number of Shared Services Canada priorities, including moving towards software-defined infrastructure, leveraging improved wireless technology and adopting a zero trust architecture. We are investing in our cyber-defence capability and migrating toward zero trust.
The term Zero Trust means we “never trust, and always verify” everything before granting access, through a process of continuous monitoring. This involves verifying users, validating devices, and ensuring that individuals only have access to the resources needed to do their job.
SSC has increased the overall information technology security of the Government of Canada through services such as multiple-layer defence, vulnerability management, and supply chain integrity. Our integrated cyber and information technology security program protects the infrastructure supporting other departments and agencies.
Let me assure this committee that we are constantly monitoring for cyber-threats, and we have a robust system and tools in place to detect, investigate and take active measures to neutralize them. Under normal operating circumstances, no organization is immune to IT security threats, but these are extraordinary times. Cybersecurity is and will continue to be a priority for SSC to safeguard the government and Canadians from cyber-threats.
We will be pleased to respond to your questions.