Top Canadian cyber security body releases flagship guidance for critical infrastructure

From: Communications Security Establishment Canada

News release

October 29, 2024 - Ottawa, Ontario

The Government of Canada is committed to enhancing the security and resilience of critical infrastructure and exercising leadership in cyber security to foster collaboration. To that end, critical infrastructure operators in Canada now have an important new resource to help protect themselves against cyber threats.

Today, the Canadian Centre for Cyber Security (Cyber Centre), a part of the Communications Security Establishment Canada (CSE), is publishing a suite of voluntary guidelines designed to further protect essential services for people in Canada and enhance cyber security resilience overall.

Called the Cyber Security Readiness Goals (CRGs), this new resource offers a toolkit with 36 cross-sector cyber security practices — that build on available advice and guidance. The CRGs list important steps organizations can take toward goals that will improve their cyber security posture in the face of increasingly complex cyber security threats.

Designed to be an evergreen resource that can be used by all critical infrastructure sectors, the CRGs will be updated by the Cyber Centre based on feedback from partners and as the threat landscape evolves over time.

Critical infrastructure services and systems are increasingly vulnerable due to their reliance on complex networks of interdependent digital services, assets and facilities.

This flagship resource is yet another step forward in Canada’s ongoing efforts to remain at the leading edge of cyber security resilience and protect this country’s vital critical infrastructure systems.

Quotes

“Protecting Canada’s critical infrastructure is a number one priority for CSE. We are proud to offer this resource as another important tool to support our country’s cyber resilience.”

Rajiv Gupta, Head of the Canadian Centre for Cyber Security

“As threats evolve, our response needs to become even more robust. Prevention is key and this new resource is a key defence against ransomware and other cyber threats.”

Bridget Walshe, Associate Head of the Canadian Centre for Cyber Security

Quick facts

  • The CRGs feature six pillars and 36 goals. The six pillars include: Govern, Identify, Protect, Detect, Respond, and Recover.

  • The CRGs are in line with the recent work of the Cyber Centre’s international partners, such as:

    • The UK’s Cyber Assessment Framework, a resource created by the National Cyber Security Centre for organizations with vital roles in UK, including CI organizations.
    • The U.S.’s Cross-Sector Cybersecurity Performance Goals, directed by the Cybersecurity and Infrastructure Security Agency (CISA).

  • During the 2023-2024 financial year, the Cyber Centre engaged with almost 1,900 Canadian critical infrastructure organizations to increase Canada’s cyber resilience across all sectors.

  • Critical infrastructure organizations are considered systems of importance because they are essential for Canada to function. Key sectors include: democratic institutions; education; energy; finance; food; health; information and communications technology; manufacturing; municipal, provincial, territorial and Indigenous governments; transportation and water.

  • This year, the Cyber Centre put added emphasis on working with Canada’s energy sector to improve its cyber resilience. In June 2023, the Cyber Centre published an assessment of the cyber threat to Canada’s oil and gas sector.

Associated links

Contacts

Stay Connected
Follow us on X (Twitter)

For more information (media only) please contact:
Media Relations
Communications Security Establishment Canada
media@cse-cst.gc.ca

 

Page details

Date modified: