A message from the Defence Chief Information Officer and the Departmental Security Officer

Submitted

Posted on Thursday April 12, 2018


We live in a cyber world. The prevalence of social media, our dependence on electronic banking, and our hunger for instant information and messaging are all indicative of the increasingly important role that cyber-based technologies play in our daily lives.

Canadians are especially tech-savvy and continue to embrace everything cyber. According to information released by Public Safety Canada in August 2016: “Canada has more computers per capita than any other country (129 devices per 100 people) and Canadians are the heaviest Internet users in the world, spending more than 40 hours online per person, per month”.

Within the Department of National Defence and Canadian Armed Forces, we see this trend and the overall cyber world through a very special lens, dictated by our critical role of defending Canada and Canadians.

We anticipate the devastating impact that attacks on Canadian cyber assets could have on our nation’s infrastructure – such as energy sources, air traffic, hospitals, or emergency services – and prepare to protect Canadians in such an environment.

We embrace and evolve the capabilities that cyber-based technologies bring to our daily business and our military operations, such as secure networks and communications, or efficient command and control of resources.

We actively defend our cyber domain against those who would infiltrate our systems with malicious intent, whether to extract the valuable and sensitive information they contain, destroy critical capabilities, or sabotage military operations. The cyber domain must be defended everywhere, because unlike the more traditional land, sea, and air operational environments, it has no physical boundaries. It comprises the computer at our desk, the mobile device in our hand, the databases we maintain, the documents we manipulate, and the email conversations we have, to name a few.

At DND/CAF, our information holdings, systems, and IT assets are protected by layered defences, the details of which are – understandably – classified. However, it is a fact that these defences work together to thwart direct cyber-attacks – every day.

As an organization, DND/CAF is acutely aware of the need for vigilance in the cyber domain. But as individuals, we continue to take risks with the security of our systems, our assets, or even our collective safety. For example, have you ever…Plugged in your portable digital media player into your work computer, just this once, because you forgot your charger at home? Written your DWAN password on a piece of paper under your keyboard, because you might forget it? Opened a Level II classified (Secret) document on your DWAN computer for a few minutes to make a small edit? Failed to turn off your mobile device in a wireless-free zone, because you were expecting an important call? These actions are security violations, and for good reason. In the worst cases, they can enable data leakage, compromise network defences, and cause network outages. They can also have serious repercussions for Defence Team members as individuals, as these violations can ultimately lead to the suspension or revocation of account privileges.

Protecting the security of DND/CAF systems is the responsibility of every member of the Defence Team. Take the opportunity to assess your IT security practices, review applicable IT and IS security orders and directives, and consult your Information System Security Officer if you have any questions. We all have our part to play in defending against cyber threats!