Canadians issue digital security recommendations in the financial sector

After several meetings on the issue of digital security in the financial sector, the Committee came up with nine recommendations that reflect the current dangers facing the financial industry and what the Government of Canada can do to help protect organisations. Some recommendations include:

Recommendation 1: The Committee advises on setting a sub-committee dedicated to studying the public safety and national security aspects of cybersecurity, with potential areas of inquiry including international approaches to critical infrastructure protection, impact of emerging technologies, and cyber supply chain security.

Recommendation 2: Along with encouraging Canadians to adopt sound cyber hygiene habits, the Committee recommends that the Government of Canada undertake efforts to ensure the digital products and services they rely on, including products that are part of the Internet of Things, are ‘secure by design’.

Recommendation 3: The Government of Canada needs to recognise both the promise and the peril of artificial intelligence for cybersecurity, and to ensure that this duality is addressed in its national cybersecurity framework.

Recommendation 4: The Government of Canada is advised to increase the country’s existing quantum skills capacity and continue to support research and development of quantum technologies and encryption standards that will ensure Canada’s electronic information and information systems remain secure in a post-quantum world.

Recommendation 5: The development of a comprehensive cybersecurity skills and training strategy to create a cybersecurity workforce that leverages diverse backgrounds, meets internationally recognised standards, and is prepared for the cybersecurity challenges of today and tomorrow.

Recommendation 6: To ensure accurate and comprehensive statistics, the Committee recommends that the Government of Canada encourage Canadian citizens and companies to report all instances of cybercrime.

Recommendation 7: The Committee recommends that the Government of Canada support responsible vulnerability disclosure programs.

Recommendation 8: The Committee recommends that the Government of Canada reject approaches to lawful access that would weaken cybersecurity.

Recommendation 9: The Committee recommends that the Government of Canada explore ways to ensure all sensitive data moved within Canada has a domestically routed path, ensuring data packets are not exposed to foreign network infrastructure.