Evidence of meeting #5 for National Defence in the 44th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was question.
A video is available from Parliament.
5:15 p.m.
Liberal
The Chair Liberal John McKay
Yes, that's an excellent use of four seconds.
Go ahead, Ms. Lambropoulos.
5:15 p.m.
Liberal
Emmanuella Lambropoulos Liberal Saint-Laurent, QC
Thank you, Chair.
First of all, thank you for being here to answer our questions.
My first question is around cyber-threats. I know that Minister Anand has in her mandate letter several references to cybersecurity. We heard from CSE and CSIS at our last meeting that these threats have been increasing steadily for the last while, mainly by China and Russia, along with others.
What kind of plans do you have going forward in order to make sure we accomplish this part of the mandate?
5:15 p.m.
Chief, Communications Security Establishment
Thank you very much for the question. It's very front of mind. CSE's mandate is first and foremost in cyberspace. Whether we're collecting foreign intelligence through cyberspace or we're helping to protect systems through our cybersecurity mandate, it is our raison d’être, so this part of the minister's mandate letter is very near and dear to our hearts.
As you said, they are increasing in sophistication, in number and in variety. We have to really look at what it's going to take for Canada to address some of these. We have decided that a whole-of-society approach is the most appropriate one. In that whole-of-society approach, the federal government does play a specific role, and has a key lead role to play.
For example, when it comes to defending the government systems, we have also consolidated our cyber expertise at the federal level within CSE in the cyber centre. We produce cyber-threat intelligence through our foreign intelligence mandate, or FI mandate, and we have new legislation that allows us to conduct foreign cyber-operations offshore to help mitigate some of the threats before they materialize in Canada.
It's not just CSE; it's very much a team sport at the federal level. One thing we're trying very much to do is to share some of the competitive advantage we have through our federal mandates back with the public. We are doing more public threat assessments that really incorporate the insights that come from our intelligence mandate. We're providing advice, guidance and technical indicators publicly, but also through secure and special channels to critical infrastructure owners and operators and defenders so that they can have the information they need.
We are providing tools that we develop, in our own mandate, into the public domain so that Canadians and others can use them. We're also providing our threat feeds to other organizations—to CIRA, for example, which is the Canadian DNS registry. It allows them to take our threat feed and pass that along to Canadians through apps that they develop, such as Canadian Shield. We are also taking down fraudulent domains that are masquerading as the Government of Canada. In the last couple of years, we have taken down about 10,000 of those sites, together with industry partners.
The minister's mandate letter is asking us, just as a reminder, to ensure that CSE is in a position to continue to lead Canada's response to the evolving cyber-risks. They are definitely in a dynamic and fluid space right now. We will continue to work with critical infrastructure sectors and government jurisdictions, such as provinces, territories and municipalities, and really try to decant the knowledge we have with them. We will be working with the minister and her team to address the mandate letter to look at the resourcing for CSE.
5:15 p.m.
Liberal
Emmanuella Lambropoulos Liberal Saint-Laurent, QC
In your opinion, what would CSE need in order to help it fulfill its mandate?
5:15 p.m.
Chief, Communications Security Establishment
Our mandate exists across the entire country. We have a mandate for defending Canadian government systems. I feel like there is some more work that needs to be done there. However, the defences that we have built so far are quite dynamic and resilient. We are really working on a more national campaign to get Canadians, small and medium enterprises, and critical infrastructure owners and operators to really try to raise the bar by just adopting basic cybersecurity hygiene measures. This will go a long way to stopping many, many different kinds of threats that are out there.
We have a number of ideas, and we're working through those with the minister's office.
5:20 p.m.
Liberal
Emmanuella Lambropoulos Liberal Saint-Laurent, QC
Perfect. Thank you.
Mr. Chair, how much time do I have left?
5:20 p.m.
Liberal
Emmanuella Lambropoulos Liberal Saint-Laurent, QC
Okay.
I was going to refer to COVID-19 and the fact that recently we've seen an increase in service to Canadians here at home by the armed forces. If we were to focus a bit more on that, do you believe that would attract more people to the forces?
5:20 p.m.
Liberal
The Chair Liberal John McKay
That's, again, an important question, but there's no time for the response.
5:20 p.m.
Liberal
The Chair Liberal John McKay
With that, we'll move to Madame Normandin for two and a half minutes, please.
5:20 p.m.
Bloc
Christine Normandin Bloc Saint-Jean, QC
Thank you, Mr. Chair.
Before I ask my question, I would once again like to thank the witnesses for making themselves available.
I will ask just one question, with two parts. I invite you to take all the time you need to answer.
We have often heard that postings hinder employee retention and recruitment.
I would like to know, first of all, what measures are being taken to reduce the number of postings deemed unnecessary and, second of all, what is being done to improve support for families when postings are necessary. This situation is often most difficult for families.
Could you please answer both parts of the question?
5:20 p.m.
Gen Wayne D. Eyre
We are working on trying to prolong the posting duration in various locations so we don't have to move as frequently. We're asking the hard questions. Is it absolutely necessary that this individual and their family have to move this summer? If not, let's leave them in location. It's a complex problem because we have to realize that some locations are more preferable than others. Some of our more remote locations have to be properly staffed. We have to share, to be fair, the postings to those locations. That is one aspect.
The other aspect is working with the provinces to make the transition between provinces much easier, to ease the burden on families with things like health care, driver's licence and so on. Another example is certifications of spouses and their employment.
Finally, I would add that we have learned over the course of the pandemic that through remote work, working from a distance, you can actually get things done—as we are doing here at this committee. Leaving people in position in one part of the country and having them work in another is something that we've started to do. We can't do it for everything. It works for knowledge workers. Technicians, those who have to operate in the field or those who have to fly aircraft, can't commute to work from a distance in those positions.
5:20 p.m.
Liberal
The Chair Liberal John McKay
Thank you, Madame Normandin.
With that, we go to Ms. Mathyssen for two and a half minutes, please.
5:20 p.m.
NDP
Lindsay Mathyssen NDP London—Fanshawe, ON
Thank you, Mr. Chair.
A number of investments need to be made, of course, in NORAD's modernization. We've spoken about that, as well. I'm not sure if this is directed towards General Eyre or Mr. Matthews. This has a huge potential cost, of course, so I'm wondering if the department has done any sort of cost analysis on that. Do we have an idea of what the price tag would be on that modernization?
5:20 p.m.
Deputy Minister of National Defence, Department of National Defence
I can start, Mr. Chair. Chief, please feel free to supplement.
The analysis is ongoing. The department did receive funding to do analysis and costing and evaluate options. Obviously, something like this is not a “take it or leave it” type of project; there are options to be discussed and evaluated. That work is ongoing and will take some time to complete, but it's under way and—
5:20 p.m.
NDP
Lindsay Mathyssen NDP London—Fanshawe, ON
I'm sorry to interrupt. What would be the timeline on that?
5:20 p.m.
Deputy Minister of National Defence, Department of National Defence
I can't give you a firm timeline, but it's not weeks. We're talking months. It's been under way for some time, but it is complicated work. The government will have a decision to make on what options they'd like to pursue, but that work still has a ways to go.
5:20 p.m.
Gen Wayne D. Eyre
I would just add the cost of not doing this. As the threat increases, we see potential adversaries making significant investments in military technology, hypersonic weapons and the like, which increasingly put our continent at risk. If we take a look, we see that potential adversaries consider the United States and Canada as one integrated target set, so given the capabilities that are out there, including for the use of conventional cruise missiles and hypersonics, it is not inconceivable that we could easily be under threat.
As our north opens up and our sovereignty may at some time come into question, we have to be able to respond up there as well, so the costs of not doing this are something that weighs heavily.
5:25 p.m.
Liberal
5:25 p.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
Thank you, Mr. Chairman.
What are the most challenging state actors to Canadian national security on the cyber front?
5:25 p.m.
Chief, Communications Security Establishment
As you know, CSE has a mandate to conduct foreign intelligence, and a large part of that is looking at foreign cyber-threats. I've also just mentioned that we try to decant the knowledge we have into our public threat assessments.
The last national cyber-threat assessment highlighted four countries—Russia, China, Iran and North Korea—as the most significant strategic cyber-threats to Canada, but we also talked about how pervasive cybercrime is as an ever-present threat as well.