Good afternoon, Mr. Chair and committee members.
My name is Scott Jones and I am the head of the Canadian Centre for Cyber Security at the Communications Security Establishment, or CSE.
CSE, reporting to the Minister of National Defence, is one of Canada's key security and intelligence agencies, with a mandate to provide foreign intelligence against a broad range of government priorities. CSE is also the country's lead technical authority for cybersecurity. The Canadian Centre for Cyber Security is a branch within CSE. In our national role, we defend the Government of Canada, share best practices to prevent compromises, manage and coordinate incidents of importance, and work to secure a digital Canada.
I appeared before your committee last May at the beginning of the COVID-19 pandemic, and I would like to provide an update on how the cyber-threat environment has evolved and on the work we have done since then to protect, from all types of cyber-threats, the Government of Canada, the health care sector, Canada's broader critical infrastructure and Canadians.
The COVID-19 pandemic has created an uncertain environment that is vulnerable to exploitation. CSE continues to leverage all aspects of its mandate to help ensure that Canada is protected against cyber-threats and to inform the Government of Canada's decisions. CSE and the cyber centre are continuing to work in coordination with industry partners so that malicious cyber-actors and fraudulent sites are less able to take advantage of Canadians.
Since March 2020, the cyber centre's work has contributed to the removal of over 8,000 fraudulent sites or email addresses, including websites impersonating the Government of Canada and impersonating COVID-19 vaccine booking portals. While this important work has been primarily focused on COVID-19-related fraud, this work continues every day as we identify and remove more fraudulent domains impersonating the Government of Canada or organizations involved in COVID-19 support efforts.
The cyber centre has assessed that the COVID-19 pandemic presents an elevated level of risk to the cybersecurity of Canadian health organizations involved in the national response to the COVID-19 pandemic. Throughout the pandemic, CSE and the cyber centre have continued to raise public awareness of cyber-threats to Canadian health organizations by proactively issuing cyber-threat alerts and providing tailored advice and guidance to all provincial, territorial and regional health authorities. federally funded associations and centres of excellence, patient care facilities, biopharmaceutical companies and research entities, medical device manufacturers, and academic research institutions.
Since the beginning of the pandemic, the cyber centre has hosted over 40 health sector community calls that provide timely updates to the health sector on the evolving cyber-threat landscape. Each one of them is tailored to the health sector. We have grown the health community, which we support, from a handful of organizations pre-pandemic to over 150 key health sector entities, and work with the IT security leads from these entities on a regular basis. The cyber centre, in close collaboration with our colleagues at Public Safety Canada, has facilitated cybersecurity posture assessments for many of these entities in the health sector, assisting them with determining their cybersecurity gaps and working with them to improve their cyber-posture and cyber-resilience.
The cyber centre has been focused on supporting COVID-19 vaccine research and development entities across Canada. We are working with a number of specific vaccine support organizations to offer services, such as protected DNS, that will strengthen their cyber-defence capabilities and dramatically reduce their vulnerabilities to cyber-attacks.
To protect and defend the vaccine rollout efforts, the cyber centre continues to work with the federal task force, the vaccine supply chain and the regional health authorities across Canada to raise awareness on cybersecurity, enforce and increase readiness for incident response and inform organizations when looming threats arise. We continue to reinforce perimeter security and access control to safeguard the vaccine ordering, tracking and data repository that is currently being developed by the federal health authorities. Also, to protect critical infrastructure, CSE and the cyber centre continue to regularly monitor and proactively share threat information with Canadian organizations, government partners and industry stakeholders.
Finally, the pandemic has made all of us more reliant on digital infrastructure. It is critical now more than ever that Canadians have access to the right information on how they can protect themselves online.
The cyber centre has created a collection of advice and guidance products available to inform Canadians about how to stay safe online. I encourage Canadians who are looking for easy-to-follow tips on cybersecurity to visit our website, getcybersafe.gc.ca. For businesses and larger organizations, or if you would like to read more of the publications of the cyber centre, they can be found at cyber.gc.ca.
CSE is constantly working to help address foreign threats and cyber-threats facing Canada in the health sector. We will continue to do so during the current pandemic and well after it's over.
Thank you, Mr. Chair.