top of page
  • Writer's pictureORNA

Canada Needs a National Security Strategy That Reflects Today’s Realities

A harrowing new report released by several current and former senior national security officials warned that the Canadian government is not ready to contend with the expanding landscape of cyberattacks that threatens national security.

The report was derived from Ottawa’s Graduate School of Public and International Affairs and was based on the experience of recent national security officials, which propounded that the Canadian public and the government itself pay little mind to security issues. The report states:

“Canadians expect their government to protect them. Yet Canadians and their governments rarely take national security seriously. Taking shelter under the American umbrella has worked well for us. This has made us complacent and paved the way for our neglect of national security.”

“We are living in a time of intense global instability when the security of Canada and other liberal democracies is under growing threat,” it continues. “Canada is not ready to face this world. As a country, we need to urgently rethink national security.”

It also remarks that Canada has become complacent and neglectful of national security and that it needs to overhaul its way of thinking in order to counteract encroachments from Russia. This also includes the spread of China’s influence, as well as the proliferation of right-wing extremism in Canada and the United States.

Additionally, the report accentuates the continuation of China and Russia leveraging against Canada’s interests through foreign interference, disinformation campaigns, espionage, hostage diplomacy, and of course, cyberattacks. It remarks that China likely poses serious, long-term challenges.

“Our lack of a firm response, moreover presents a serious risk for our allies, and could affect security and intelligence relations with them,” it says.

The national security issues annotated in the report are not without proposed solutions. It offers a holistic approach to a number of national security concerns, as well as recommendations addressing specific issues that otherwise require immediate attention, all of which are categorized in the report.

A Continuing History of Neglect

A report issued back in 2019 offered an analysis that showed that the Canadian government was falling behind in its ability to respond to cyberwarfare by foreign State threat actors. The report calls to question the readiness of the federal government and military to fight a cyber war.

The report was compiled from 70 interviews conducted with government and military officials, which also included defense industry leaders, which denoted a sense of urgency regarding cybersecurity matters that threaten national security.

The Canadian Association of Defence and Security Industries (CADSI) warned that in spite of investments and policy papers, the country isn’t on par with its allies in fighting cyber warfare, but is in fact, falling behind.

"The cyber threat to the Canadian Armed Forces permeates domestically through vulnerabilities in critical infrastructure, combat systems and equipment, and extends to where the military is deployed abroad,"

the report stated.

Similar to the current report of 2022, the report three years ago also reflected a critical concern regarding the cyberwarfare capabilities of Russia in possessing the strength to launch devastating cyberattacks without a moment's notice, and their ability to covertly collect sensitive intelligence data for years under the radar.

“The CAF has only recently received approval to engage in active and offensive operations at scale (though specialized activity has been present for years)," said the report.

Additionally, Christyn Cianfarani, the defence association's president, expressed that Canada is under a sense of urgency to make its move and advance in matters pertaining to cyberwarfare. “Even if the public doesn't feel the country is vulnerable, she added, "we could stand to be vulnerable by not moving forward very quickly," she said.

Cianfarani stated that other nations are launching cyberattacks against Canada. "Other nations aren't just attacking Canada in a short-game play. They are attacking Canada and trying to influence things in our country in a long-game play."

At the time of the publication, Canada was not engaged in the cyber warfare landscape, which means that the country had not acted as a player in its own campaigns against foreign threat actors at large. Two years later, in 2021, Canada was reported still dragging its feet, without committing to progress.

Thus, from the time these reports were published to the present day, very little progress has been made that sets Canada on the proverbial map of strategic operators in the cyber warfare arena.

What About the United States?

The United States is heralded as being dominant in its cyber capabilities. However, the U.S. government led by the Cybersecurity and Infrastructure Security Agency (CISA), which exists as a component of the Department of Homeland Security (DHS), practically was forced to strong-arm federal agencies to adhere to new cybersecurity mandates because individual agencies would not prioritize cybersecurity.

According to Glenn S. Gerstell, a senior adviser at the Center for Strategic and International Studies (CSIS), who also served as general counsel of the National Security Agency, the U.S. is not ready for a cyber war. Gerstell said:

“If we had approached this correctly 20 years ago, we would be largely invulnerable to cyber attacks. But unfortunately, that is not the case.”

While having prominent offensive capabilities in the cyber warfare environment, its defensive prospects are said to be deficient.

“We’re prepared to respond in the sense that our military has an extraordinary offensive capability to respond on a cyber level – but we are not ready to defend as a country,” he said and added, “The U.S. has been reactive and side-stepped cyber responsibility by simply grafting it on to existing government agencies, making each agency responsible for its own area.”

An article by

Jesse McGraw

Edited by

Ana Alexandre




Rome wasn't built in a day, but your SOC might be.


Weekly cyber insights

Thanks for submitting!

bottom of page