(3.25). Public
Safety Canada (PS)
should develop an interdepartmental action plan with deliverables and
timelines for Canada’s Cyber Security Strategy (2010) to guide the
implementation of the strategy and measure progress. |
· Publicly
release an action plan to guide the effective delivery of Canada’s Cyber
Security Strategy.
· Complete
the development of a horizontal performance measurement strategy (HPMS) to
measure and report on the progress made against commitments in Canada’s Cyber
Security Strategy.
· Implement
the HPMS and request performance information annually from the departments
and agencies involved in the implementation of the strategy. |
Director General, National Cyber Security
Directorate |
· Completed
· Completed
· Ongoing |
(3.37). Public
Safety Canada should ensure that all sector networks are fully established
and operating as outlined in the National strategy and action plan for
critical infrastructure so that they can be an effective tool in helping to
secure critical infrastructure in order to deliver the objectives of Canada’s
Cyber Security Strategy. |
· Provide
guidance to lead federal departments and agencies on appropriate coverage for
sector networks, including:
o Draft
guidance based on the sector risk profiles by June 2013; and
o Final
guidance, based on feedback from the lead federal departments/agencies, by
December 2013.
· Work
with lead federal departments to strengthen the sector networks by
facilitating information sharing and providing tools to support risk
management, including:
o Planning
guidance for critical infrastructure sectors;
o Guidance
for critical infrastructure sectors to conduct tabletop exercises; and
o Development
of a national profile of critical infrastructure. |
Director General, Critical Infrastructure
and Strategic Coordination |
· December
2013
· December 2013 |
(3.52). Public Safety
Canada should increase the Canadian Cyber Incident Response Centre’s ability
to maintain situational awareness of cyber threats to Canada’s critical
infrastructure and to increase the Centre’s ability to communicate this
information to critical infrastructure owners and operators. |
· Increase
CCIRC’s operational hours, and operational capacity and capabilities to
enhance support for critical infrastructure and other partners.
· Update
CCIRC’s mandate, and standard procedures and policies to provide greater
clarity to internal and external partners.
· Introduce
CCIRC’s Community Portal, create formal information-sharing agreements, and
launch an incident response pilot to improve information sharing with
partners.
· Continue
to deepen CCIRC’s capabilities and expand its reach by working with lead
sector departments to identify owners and operators of critical
infrastructure. |
Director
General, National Cyber Security Directorate |
· Completed
· Completed
· Completed
· Ongoing |