Ottawa has made little progress on recommendations meant to shore up the cybersecurity of Canada’s Crown corporations, more than 18 months afteridentified the risk of those organizations inadvertently acting as gateways into the federal government’s well-protected networks.
Though Crown corporations are largely meant to be independent of government direction, they hold sensitive information about Canadians, the NSICOP report says. And that data is at risk of compromise by sophisticated online actors, including foreign governments, it adds. Asked why no additional federal organizations have been brought into the fold of the Treasury Board’s policies since NSICOP’s report, a secretariat spokesperson, Barb Couperus, pointed out that the report called for the policies to be extended “to the greatest extent possible.”
Stephanie Carvin, an associate professor at Carleton University and a former federal intelligence analyst, said that taking an opt-in approach to cybersecurity standards is generally not successful. In January, 2021, for instance, the Canada Council for the Arts received a message from someone seeking an update on a payment they’d made to the council, according to a summary of a breach report. When the Crown corporation went looking for the money, it learned it had never received the funds. The payment had been made to someone else.
Hey, give some credit. TikTok is now banned from mobile devices.
Useless, treasonous government.