Thank you, Mr. Chair and members of the committee, for the invitation to appear today.
My name is Sami Khoury. My pronouns are he and him. I am the head of the Communications Security Establishment's Canadian centre for cybersecurity, known as the cyber centre.
I am joined today by my colleague, Alia Tayyeb. She is the deputy chief of CSE's signals intelligence branch.
I'm glad to appear before the committee to discuss cybersecurity and cyber operations.
As this is the first meeting of your study, I'd like to begin by providing an update on the current cyber-threat landscape and what CSE is doing to protect Canada and Canadians. I will largely focus on the cybersecurity aspect of our mandate, whereas my colleague, Ms. Tayyeb, will focus on the foreign intelligence piece of CSE's mandate, our support to partners, and our active and defensive cyber-operation capabilities.
Now, more than ever, we understand that cybersecurity is the foundation of Canada's future: for our digital economy, our personal safety and privacy, and our national prosperity and competitiveness. In October, the cyber centre released its third national cyber-threat assessment. This report outlines the current cyber-threat environment.
One of the key points in the report is that cybercrime remains the largest cyber-threat to Canadians and that critical infrastructure is the main target of cybercriminals and state-sponsored threat actors.
Ransomware, specifically, was prominent in the past two years, and it remains a persistent threat to Canadian organizations. The state-sponsored cyber-programs of China, Russia, Iran and North Korea continue to pose the greatest strategic cyber-threat to Canada. In the face of these threats, and as Canada's technical and operational authority on cybersecurity, CSE defends Government of Canada networks and the cyber centre leads the government's response to cyber-incidents. However, cybersecurity is not solely a federal government responsibility or concern, as cyber-threats continue to target and impact Canadian individuals and organizations.
CSE works with partners in the industry, including those outside government, sharing information about threats and best practices in cybersecurity. The Canadian Centre for Cyber Security regularly publishes guidance and expert advice for Canadians.
Moving forward, to continue to adapt to the evolving threat environment, bolster defences and help better protect Canada and Canadians, we hope to see the continued progress of Bill C-26, an act respecting cybersecurity, in Parliament. This legislation would establish a regulatory framework to strengthen cybersecurity for services and systems that are vital to national security and public safety and give the government a new tool to respond to emerging cyber-threats.
We also look forward to continued work to support public safety in the renewal of Canada's national cybersecurity strategy. The renewed NCSS will articulate Canada's long-term strategy to protect our national security and economy, deter cyber-threat actors and promote norms-based behaviour in cyberspace.
For CSE, the renewal of the strategy provides an opportunity to review the situation and build on what the Canadian Centre for Cyber Security has achieved over the past five years. The creation of the centre was actually one of the main initiatives set out in the National Cyber Security Strategy, developed in 2018.
Finally, as we work to build relationships with Canadian industry and other levels of government, we are also focused on collaboration with our international partners, in the Five Eyes and beyond.
I will now hand it over to my colleague, Ms. Tayyeb, to speak to her area of responsibility.