The Canadian Conservatives' 2015-16 federal budget sees additional investment in security, with $36.4 million promised over five years to address cybersecurity threats, reports The Vancouver Observer.
The Star explains that new legislation will "set standards for companies operating 'vital cyber systems' to safeguard their network's security, meet 'robust' security goals and report hacking incidents to federal government." They speculate that 'vital cyber systems' may refer to telecommunications firms and internet service providers.
$36.4 million is pledged over five years, starting with $3 million this year.
According to ESET security researcher, Stephen Cobb, efforts to put more resources into the fight against cybercrime are long overdue: "Many governments and companies have been slow to process the implications of global cybercrime activity." He adds, "This move by the Canadian government is a welcome step in the right direction, but needs to be put in perspective; I know Target is pulling out of Canada, but consider this: the criminals who stole data on payment cards from this one retail chain in 2013 made over US$50 million selling the first two million of those records on the black market, that's probably more money than was stolen in all the bank robberies in the U.S. in that year."
The section of Canada's budget referring to cybersecurity states, "Canadians are embracing the many advantages that the Internet offers, but our increasing reliance on cyber technologies makes us more vulnerable to those who would seek to attack and undermine our digital infrastructure and threaten our national security, economic prosperity and way of life."
"The Government is taking action to protect the vital cyber systems that Canadians rely on daily and that are critical to national security. Following consultations, new legislation will require operators of vital cyber systems to implement cyber security plans, meet robust security outcomes for their systems and report cyber security incidents to the Government of Canada," it adds.
On top of the $36.4 million promised, the budget also included details of a planned $58 million five-year investment to protect the Government of Canada's "essential cyber systems and critical infrastructure" against cyberattacks.
"A core priority has been protecting the Government’s cyber systems and infrastructure, to defend against significant security breach attempts by cyber attackers who present ongoing threats to Canada and our allies abroad," the document explains.
"To better defend and protect these systems, the Government is taking action by upgrading critical cyber systems, such as Internet network paths and connections that are used on a regular basis to provide services to Canadians. Taking these measures will ensure that the Government is able to continue to detect and repel infiltration attempts on the Government’s cyber systems and identify malicious actors that seek unauthorized access," the document added.
The Canadian government is not the only one intending to increase its cybersecurity spend. Just this year, President Obama announced plans to oversee a 10 percent increase in American cybersecurity spend, while 75 percent of companies are planning on increasing their security spending in 2015 according to a Piper Jaffray survey. However, as Cobb notes, "Companies and governments are currently playing catch-up, it is going to take a concerted international effort, and a lot more resources, to reduce cybercrime to acceptable levels."
