Procedure and House Affairs Committee on June 20th, 2024

Thank you, Mr. Chair.

Thank you for giving me the opportunity to speak to you today. I'll make a few opening remarks on my own behalf and on behalf of the chief of the Communications Security Establishment, whom I want to thank for joining me this morning. I know that she has testified a number of times. Her expertise is vital to the topic at hand.

I've been the deputy clerk of the Privy Council and the national security advisor to the Prime Minister since January 27. Recently, in the course of your committee's work, you heard from my colleague, as I said earlier. You spoke about cyber‑threats from foreign actors.

Cyber‑espionage programs sponsored by China, Russia, Iran and North Korea pose a real threat to Canada. These actors exploit our weaknesses in a number of ways. In doing so, they seek to undermine our democracy, as I said earlier this morning, in order to pursue their geopolitical objectives at Canada's expense.

While the PRC is not the only state that directs cyber-threat activity toward Canada, I must emphasize the far-reaching and sustained nature of the PRC's cyber-activities. PRC cyber-actors have targeted and continue to target the systems and networks of a wide spectrum of Canadian society, including all levels of government, private sector organizations and individuals. All of these aspects of Canadian society have information that could be considered valuable to the PRC. The scope of this threat is significant.

The more we discuss them, the more we understand how best to respond to these threats from a whole-of-society perspective. The Government of Canada has warned Canadians of the cyber-threat caused by state actors. Most recently, on June 3, the Ministers of Foreign Affairs, National Defence and Public Safety issued a public statement warning Canadians of the threat caused by foreign states targeting Canada. The statement and the CSE's cyber-threat bulletin that were released highlighted the interference in our democratic system that has resulted from these efforts.

The Canadian Centre for Cyber Security has joined international partners in issuing public advisories to inform on techniques used by PRC state actors and, most importantly, how to mitigate those threats.

The use of cyber means by the PRC and other states to interfere in our political system will not stop. To address that threat, we must continue to take steps to reinforce Canada's overall resiliency to hostile cyber-activity. The government is in the process of renewing Canada's national cybersecurity strategy, which we anticipate will bring a wide range of initiatives over the course of its implementation.

When it comes to cybersecurity for parliamentarians, a number of changes have taken place in recent years.

The Canadian Centre for Cyber Security works closely with various partners, including House of Commons and Senate staff, to protect parliamentarians from cyber‑threats.

The Canadian Security Intelligence Service also plays an important role in identifying and responding to threats to the security of Parliament.

In March 2023, the then minister of public safety issued a direction to CSIS on threats to the security of Canada directed at Parliament and parliamentarians. CSIS, the CSE and other departments and agencies have also undertaken a significant number of briefings to parliamentarians on a wide range of threats, including cyber-threats. Security clearances have been offered to party leaders to enable a more direct understanding of the threats facing parliamentarians and all Canadians.

As a result, the level of information sharing and transparency regarding threats to parliamentarians is much higher now than it was a few years ago, and we continue to learn and improve our system. I would be remiss if I did not underline the important work of NSICOP and NSIRA—Chair, allow me to use those acronyms, because I think you know them well.

As illustrated in their recent reports on foreign interference in Canada's elections, those two organizations enrich the public understanding and debate regarding national security and intelligence in Canada. These reports highlight the use of cyber tools by threat actors to interfere in democratic institutions and to undertake espionage campaigns against political parties and parliamentarians.

In its special report, the National Security and Intelligence Committee of Parliamentarians said that a cyber‑actor led by the People's Republic of China unsuccessfully targeted members of the Inter‑Parliamentary Alliance on China.

In conclusion, I cannot change how the incident in question was handled in 2021. However, I can say that the Government of Canada is very focused on how to best inform parliamentarians of national security threats.

In a democratic society, addressing the threat to national security requires informed and non‑partisan public debate involving the government, the public and parliamentarians, a process that we're engaged in here today. This type of debate is vital. It helps us to better understand the threats that we face as a country. It also helps us to strengthen our ability to respond to these threats as part of a whole‑of‑society approach.

My colleague and I look forward to answering your questions.

When we share information with anybody, especially when it's pieces of intelligence, it is—

It is very possible that there were caveats. In terms of the briefings, because we held many briefings with the House of Commons, it is very possible that some of the documentation that we shared with them—

Because I wasn't in the meetings myself, I don't know exactly which documents were shared with the House of Commons, but I expect that some of the documents that we did share with the House of Commons would have had caveats, especially based on classification. Having said that—

Mr. Chair, it is possible that, had there been caveats on the documentation provided, those caveats would only be able to be shared with people with similar opportunities and classification to receive that documentation.