Thank you, Mr. Chairman.
I am happy to be given the opportunity to appear before the committee today. My name is Toni Moffa and I am the assistant deputy minister or deputy chief of the information technology security program at Communications Security Establishment Canada, or CSEC. With me today is Scott Jones, the director general of our cyber defence branch.
I will begin with some opening remarks that summarize the mandate and activities of CSEC. The mission of CSEC, for over 65 years now, is to provide information and to protect information of importance to the Government of Canada.
As you may already know, CSEC leverages its leading-edge technology expertise and national and international partnerships to provide three key services to the government of Canada. First, we collect foreign signals intelligence in accordance with the federal government's intelligence priorities that are established annually by cabinet.
Second, we provide advice and services that help protect electronic information and information systems of importance to the government of Canada through our IT security program. This is the program that I am responsible for and representing today.
Third, while we are not a law enforcement, investigative, or regulatory agency, we do work with our federal partners in the security intelligence and law enforcement community in the form of technical and operational assistance that allows them, on their request, to leverage our unique expertise and capabilities at CSEC in the lawful pursuit of their own mandates.
All of our mandated activities are subject to numerous internal and external accountabilities and reviews, including the external and independent review by the Communications Security Establishment Commissioner, to ensure our strict adherence to applicable laws that govern our operations and to respect the privacy of Canadians.
I am the assistant deputy minister responsible for managing the IT security program. That program provides products and services that help prevent, detect, and defend against information technology security threats and vulnerabilities. In this capacity, we share a responsibility with other federal departments and agencies. We work with the Treasury Board of Canada Secretariat's chief information officer branch, with Public Works and Government Services Canada, and with the newly created Shared Services Canada to reduce vulnerabilities and diminish the success of IT security threats in federal IT systems.
For prevention purposes, we develop technical standards and guidance, which, when implemented by federal departments and agencies, help strengthen their IT systems' security and resilience. To detect and defend against IT security threats, we work closely with the Treasury Board of Canada Secretariat and Shared Services Canada, and with the additional cooperation of the Canadian Security Intelligence Service, the Royal Canadian Mounted Police, and Public Safety Canada, we track the activities and methods of IT security threats seeking to steal or do harm to federal information systems, or to systems that the federal government cares about.
The contribution of CSEC to these shared efforts is to use our unique technical expertise, capabilities, and classified information to complement the commercial security technologies already available or in use by federal IT security practitioners. Commercial security technologies used in federal systems, similar to those used by individual citizens on home computers and networks, help track millions of publicly known threats, and prevent the success of cyber-activity that could result in the theft of sensitive, classified, or personal information, or an online criminal activity.
Similarly, CSEC has developed its own methods and operations to monitor federal government communication connections to the Internet, and to detect and defend against those IT security threats that are not in the public domain. For systems that fall victims to these activities, CSEC offers assistance for a focused and quick response to mitigate the IT security incident, and prevent it from recurring. Technical information on these IT security incidents that occur in one area or department is also shared across government IT departments, including the parliamentary precinct, in an effort to avoid similar IT security threat activities from occurring there.
In order to take greater steps to enhance IT security across the country, this information is also shared with our Public Safety Canada partners, who will share the information through their partnerships outside the federal government.
The Internet has evolved into an indispensable and useful tool for government operations, businesses and their financial transactions, social networking, and information sharing for citizens. However, with two billion users on the Internet, it is also an environment that is attractive to those who seek to take advantage of its inherent vulnerabilities for criminal or other nefarious activities. Through CSEC's IT security program, our products and services try to help prevent those things from happening on government networks, and we also help them recover when they become the victim of serious IT security threats.
That is my brief overview of CSEC and its IT security program. I'd be happy to respond to any of your questions.