Canada’s critical infrastructure is vulnerable to attack thanks to an absence of cybersecurity standards and a lack of co-ordinated information sharing. Cybercriminals have successfully breached the systems of large companies holding Canadians’ sensitive personal data, including major banks and telecommunications. In the face of these real and rising online threats, the federal government has offered only timid responses. And police confess they’re mostly powerless.
It’s long past time to protect Canadians from online predators, the Senate Committee on Banking, Trade and Commerce said in a report, Cyber assault: it should keep you up at night. For example, Canadians have little recourse when businesses do not take adequate steps to safeguard their personal information. The Office of the Privacy Commissioner of Canada, which is responsible for protecting privacy rights, does not have the power to make companies comply with privacy legislation, or to impose fines when companies breach these laws.
The committee is urging the government to prioritize cybersecurity education as part of its national cybersecurity strategy. The committee also recommends that the government create a new minister for cybersecurity to coordinate security efforts across all levels of government and to help Canadians hold the federal government to account.