Canada’s Minister of Public Safety and Emergency Preparedness, the Honourable Steven Blaney has announced that cybersecurity is to benefit from $142.6 million in new funding.
This is not the first investment by the Canadian Government in cybersecurity this year. In April $94.4 million was allocated to two initiatives as part of the Economic Action Plan 2015. All of this adds up to $237 million to help fund cybersecurity across Canada.
This latest announcement is to be split across three different initiatives that will support cybersecurity both inside and outside the government. At present there is little information as to how it will allocated although those numbers should be available soon.
RCMP to create dedicated cyber crime unit
The first group to get additional funding is the Royal Canadian Mounted Police (RCMP). According to the press release the money is to be spent on training as well as establishing a dedicated investigative team to combat high-priority cybercrime. This will bring Canada into line with other countries who have already established such units.
This money will be welcomed by the RCMP as they struggle to deal with a rise in computer crime. Last weekend, hacking group Anonymous claimed responsibility to taking down websites belonging to the RCMP. This was followed on Monday by the publishing of data stolen from cheating website AshleyMaddison.com.
Cyber incident response centre gets more funding
The Canadian Cyber Incident Response Centre (CCIRC) will also get more money to help it secure private and critical infrastructure sectors. The CCRIC deal with cyber incidents in the private sector. Along with the RCMP they will be involved in investigating the AshleyMadison attack as well as other threats.
The press release claims that in 2013 the Canadian Anti-Fraud Centre (CAFC) received over 16,000 complaints of cyber-related fraud which accounted for $29 million in losses. It is likely that it will also benefit from some of this new money.
One of the projects that this new investment is to fund is systems to support greater collaboration and information sharing. It will be interesting to see if this means investment into some of the Threat Intelligence solutions being offered by large software companies such as IBM, HP, Trend Micro, Kaspersky and others.
It was also noticeable that there was no mention of new compliance requirements for companies to report any cyber attacks. Without this it will be difficult to get all the information required to quickly map attacks as they occur and minimise the damage.
Money for regions to secure critical infrastructure
The Regional Resilience Assessment Program (RRAP) is getting more money to support its site assessment programme. Cyber attacks on critical infrastructure is a serious concern for many countries and Blaney’s announcement will be seen as a serious boost for Public Safety Canada as it looks to raise cyber security standards across utility companies.
This announcement of greater funds will be seen as a boost for local cyber security companies in Canada. It still leaves the question “Is this enough?” If you look at the investment from commercial companies, especially multi-nationals, this funding seems on par with many of them.
However, they are investing in a single large organisation with well defined boundaries while the Canadian Government is spreading the money thinly across a number of government and non-governmental bodies.