Thank you, Mr. Chairman, and honourable members of the committee. Thank you for giving me the opportunity to speak to you today.
I have one minor correction for the record. I'm actually with the Emergency Management and National Security Branch, the Cyber Security Directorate, in Public Safety. I've taken note of the committee's proceedings today and thought it might be helpful if I begin my remarks with a brief overview of the government's approach to cyber-security. I'll then elaborate on the role of the Cyber Incident Response Centre, which is part of the National Cyber Security Directorate located in Public Safety Canada.
Let me start by drawing your attention to Canada's cyber-security strategy, which was launched in October 2010 by the Minister of Public Safety, the Honourable Vic Toews. The strategy signals the government's commitment to strengthening the security and resilience of Canada's vital systems and our approach to doing so. That approach is founded on the idea that securing cyberspace is a shared responsibility, one in which we all have a role to play. In implementing the strategy, Public Safety Canada is therefore striving to ensure clarity of roles and responsibilities within the Government of Canada and to establish the partnerships we need with other levels of government, the private sector, academia, and international allies.
Permit me to offer a high-level snapshot of those departments and agencies with an operational role in cyber-security so as to situate the roles of Public Safety Canada and the Canadian Cyber Incident Response Centre in context. In support of Public Safety Canada's mission to build a safe and resilient Canada, the National Cyber Security Directorate leads and coordinates the development and delivery of policies and programs that increase the resiliency and security of the vital systems and their information that underpin Canada's national security, public safety, and economic prosperity. Within the National Cyber Security Directorate, the Canadian Cyber Incident Response Centre is responsible for helping to mitigate, respond, and recover from incidents affecting vital systems outside of the federal government. Since these systems are owned and operated by other levels of government and the private sector, partnerships are essential to strengthen their security. The Cyber Incident Response Centre also works closely with federal intelligence and law enforcement agencies as well as international allies in delivering on its mandate. In the event of a national level cyber-incident, the Cyber Incident Response Centre would play a key role in the coordination of that event.
The Communications Security Establishment, who just appeared before you, along with organizations such as Shared Services Canada, and independent departments and agencies, including Parliament, all have roles in the prevention and the management of cyber-incidents on federal government systems. Two other agencies, the Canadian Security Intelligence Service and the Royal Canadian Mounted Police, have investigative roles that encompass systems both inside and outside the federal government. CSIS investigates cyber-activities that raise national security concerns or appear linked to threats to the security of Canada. The objective of their investigations is to assess threats, and produce intelligence for the government. Law enforcement agencies, whether the RCMP, provincial, or local forces, investigate cyber-incidents that are suspected of being criminal in nature, be their origins domestic or international. The RCMP also conducts national security criminal investigations, as CSIS does not have a law enforcement mandate. The purpose of law enforcement investigations is to prosecute criminals in court.
Clarity of these roles and responsibilities is vital not just for efficiency and effectiveness, but also for focused and rapid response to incidents. For instance, when investigations are initiated evidence must be preserved even as we work to mitigate and recover systems. Since attacks detected on one system will often affect others, the rapid sharing of information between, for example, the Communications Security Establishment, which is acting to protect the government, and CCIRC, which is trying to share its information with its partners, is essential.
Let me turn now to setting out in greater detail how the Cyber Incident Response Centre delivers on its mandate to contribute to the security and resilience of the vital cyber-systems that underpin Canada's national security, public safety, and economic prosperity. As Canada's national computer emergency readiness team, CCIRC's role is twofold: it monitors and provides mitigation advice on cyber-threats, and it coordinates the national response to major cyber-security incidents. As such, the Cyber Incident Response Centre is Canada's national coordination centre for the prevention, mitigation, and response to cyber-events.
To fulfill its role, the Cyber Incident Response Centre provides authoritative advice to, and coordinates information sharing and event response among all levels of government, international counterparts, critical infrastructure operators, the private sector, and information technology vendors. These activities are focused on providing assistance and coordination to resolve the incident and to bring operations back to normal.
CCIRC is not an investigative body. It does not have law enforcement or regulatory authorities. The Cyber Incident Response Centre works under the premise that prevention and preparation are the most effective ways to enhance Canada's cyber-security. We act as a trusted broker for information on threats, vulnerabilities, and mitigation techniques. We have our own technical capability, and we invest considerable effort in forging trusted relationships that lead to an exchange of detailed, actionable information. Since these relationships often involve the disclosure of information that our partners consider to be either proprietary or potentially damaging to their public reputations, we guard their privacy fiercely.
CCIRC aggregates and analyzes the information it receives in confidence from sources both inside and outside the government. We then develop mitigation advice and best practices for our partners to use in defending their cyber-infrastructure, while protecting sources. Through our various information and guidance products, as well as through briefings in trusted settings, Public Safety Canada also raises awareness of the need to take greater steps toward cyber-security.
In short, during an incident, CCIRC collaborates with the affected organization to help bring it back up and running, ensures that our federal partners are apprised of how they can use the information to fulfill their mandates, and develops mitigation advice so that other organizations and sectors can take appropriate precautions.
Cyber-incidents and attacks occur frequently, but vary greatly in severity. In many cases, they are merely a nuisance, and the cyber-community is capable of defending itself against them. Nonetheless, some cyber-threats have the potential to escalate into something more serious. For this reason, the Cyber Incident Response Centre dedicates time and resources to maintain awareness of potential cyber-threats and their potential impact. The early identification of a cyber-threat allows us to better understand it, and therefore better contain it, should the threat escalate.
Ultimately, the federal government and agencies involved in cyber-security remain committed to the protection of Canadian networks. While we all have our roles to play, collectively we share the premise that our cyber-security is indivisible. If the government is being hit, in all probability so are others, and vice versa. We will continue to collaborate with domestic and international partners to identify and mitigate threats as they arise in order to enhance the safety of Canada's digital infrastructure.
Thank you for your attention, and now on to your questions.