Communication Security Establishment (CSE) Notes

Communications Security Establishment – Main Estimates 2023-24

  • The Communications Security Establishment (CSE) is one of Canada’s key security and intelligence agencies and the lead federal technical authority for cyber security.
  • CSE provides critical foreign intelligence to help inform the Government of Canada’s decision making and protect national security.
  • CSE’s sophisticated cyber and technical expertise also helps detect, monitor, and investigate potential threats against Canada’s systems and networks, and to take active measures to address them.

Key Facts

  • The Communications Security Establishment's (CSE) 2023-24 Main Estimates are $965.9M, a net increase of $167.4M from the 2022-23 Main Estimates of $798.5M.
  • The increase in CSE’s Main Estimates can be attributed to:
  • New funding of $151.3M associated with Budget 2022 and subsequent off-cycle funding decisions.
  • Reprofiled funding of $10.1M associated with CSE’s Long Term Accommodation Project.
  • Funding transfer of $6.6M from Shared Services Canada in support of the Security Information and Event Management Project.
  • A net decrease of $1.5M associated with interdepartmental transfers to Global Affairs Canada ($0.4M) for support to CSE employees stationed abroad and to the Royal Canadian Mounted Police ($1.1M) to conduct security clearance activity for CSE employees.
  • A further net increase of $0.9M associated with changes in other programs supporting CSE’s mandate and in statutory authorities.

Details

  • The Communications Security Establishment's (CSE) 2023-24 Main Estimates are $965.9M, a net increase of $167.4M from the 2022-23 Main Estimates of $798.5M
  • The increase in CSE’s Main Estimates can be attributed to:
  • New funding of $151.3M associated with Budget 2022 and subsequent off-cycle funding decisions;
    • CSE received $147.1M through Budget 2022 for:
    • $21.2M for significantly expanding our foreign cyber operations program to prevent and defend against cyber attacks.
    • $5.3M for expanding cyber security protection to smaller Canadian government departments, agencies, and crown corporations.
    • $101.9M for enhancing CSE’s ability to prevent and respond to cyber attacks on critical infrastructure and making Canadian critical infrastructure more resilient. As well as to support the Government of Canada’s efforts to protect its Secret Infrastructure from cyber incidents by strengthening the robustness of its classified networks and its capacity to respond to unanticipated system failures.
    • $1.3M to establish a unique research chair program to fund academics to conduct research on cutting-edge technologies.
    • $17.4M for CSE’s continued support of Operation UNIFIER and measures to support enhanced intelligence cooperation and cyber security. 
    • CSE received $4.2M in additional funding through subsequent off-cycle funding decisions for Protecting Democracy and to contribute to Canada’s Middle East Strategy.
    • Protecting Democracy: $1.3M
      • CSE continues to offer cyber security support to Canada’s Democratic Institutions as part of the Cyber Centre’s core mandate to protect Canada’s digital infrastructure from malicious cyber activity and defend Canada’s national security from threats such as foreign espionage.
    • Middle East Strategy: $2.9M
      • CSE will also use this funding to contribute to Canada’s Middle East Strategy which supports security and stabilization efforts, development assistance and diplomatic engagement for Iraq, Syria, Lebanon and Jordan.  CSE provides foreign intelligence support to the CAF mission.
  • Reprofiled funding of $10.1M associated with CSE’s Long Term Accommodation Project;
  • Funding transfer of $6.6M from Shared Services Canada in support of the Security Information and Event Management Project;
    • The Security Information and Event Management (SIEM) provides a single view of IT security incidents across Government of Canada systems. This project will renew the existing SIEM infrastructure and expand and customize the processing of security logs from the Enterprise Data Centres (EDCs). Once implemented, the improved functionalities will enable the Government of Canada to predict, detect and respond to cyber threats and risks to IT systems and infrastructure
  • A net decrease of $1.5M associated with interdepartmental transfers to Global Affairs Canada ($0.4M) for support to CSE employees stationed abroad and to the Royal Canadian Mounted Police ($1.1M) to conduct security clearance activity for CSE employees
  • A further net increase of $0.9M associated with changes in other programs supporting CSE’s mandate and in statutory authorities.

Threats to Critical Infrastructure

  • Generally, we do not comment on specific cyber security incidents, nor do we confirm businesses or critical infrastructure partners that we work with, however we continue to provide advice and guidance to Canadians and Canadian organizations, if and when requested.
  • CSE and its Canadian Centre for Cyber Security (Cyber Centre) continue to monitor for any developing cyber threats and share threat-information with our partners and stakeholders to help prevent incidents.
  • As we noted in the 2023-24 National Cyber Threat Assessment, we are concerned about the opportunities for critical infrastructure disruption, particularly with regard to Internet-connected Operational Technology (OT) that underpins industrial processes. Internet-connected OT increases the threat surface of the organizations that employ it, and increases the opportunity for cyber threat activity to have effects in the physical world.
  • CSE, through the Cyber Centre, have been in contact with critical infrastructure operators to ensure they are aware of cyber threats related to geopolitical tensions. CSE continues to monitor Russia-backed cyber actors and share threat-related information with Canadians and Canadian organizations in a timely basis.   
  • We encourage Canadians to consult Cyber.gc.ca for up-to-date advice and guidance related to cyber threats or wish to receive more tailored cyber threat information. We also encourage victims to report a cyber incident to the Cyber Centre, so that we can help share threat-related information with our partners to help keep Canada and Canadians safe online.

Foreign Interference and the Democratic Process

  • The Government of Canada takes seriously its responsibility to protect Canadians from foreign interference, regardless of the source.
  • In the lead up to and during the 2021 Federal Election, the Communications Security Establishment (CSE), the Canadian Security Intelligence Service (CSIS), Global Affairs Canada (GAC), and the Royal Canadian Mounted Police (RCMP) worked together closely as part of the Security and Intelligence Threats to Elections Task Force (SITE).
  • CSE’s Cyber Centre also worked with Elections Canada to help secure election systems and infrastructure.
  • Our security and intelligence agencies coordinated integrated government efforts by raising awareness, monitoring, and reporting on threats, and providing advice to protect our democracy.
  • CSE recently published the renewed NCTA which highlights how online foreign influence activities have become a new normal with adversaries seeking to influence elections and impact international discourse related to current events.
  • The recent media attention on the topic of foreign interference has resulted in CSE appearing before the Standing Committee on Procedure and House Affairs (PROC) five times to provide an update. CSE also submitted several documents in response to the order for the Production of Papers issued by PROC.  
  • SITE Task Force partners will continue to work within their respective mandates to detect and counter possible foreign threats to Canada and its democratic institutions.
  • While Canada’s democratic institutions and processes are strong and resilient, CSE continues to actively work to ensure their continued protection.

Details

  • On March 6th, Prime Minister Trudeau noted that he will ask the National Security and Intelligence Committee of Parliamentarians (NSICOP) to look into foreign attempts to interfere in elections and report its findings and recommendations to Parliament.
    • NSICOP is a body composed of members of the House of Commons and Senate with Top-Secret security clearance. It has a broad mandate to review the activities of the Government of Canada's national security and intelligence agencies.
    • The Prime Minister asked the committee to review the classified evaluation of the Critical Election Incident Public Protocol.
    • He also tasked the National Security and Intelligence Review Agency (NSIRA) to review how Canada's national security agencies handled the threat of foreign interference during elections, with a particular focus on the flow of information from national security agencies.
  • On March 15th, The Prime Minister announced that the federal government intends to appoint the Right Honourable David Johnston as Independent Special Rapporteur, a new role as part of a suite of measures to help combat foreign interference and strengthen confidence in our federal electoral process and democratic institutions.
  • Later that week, he added, the government will launch public consultations on creating what he called a "foreign influence transparency registry."

The government also promised to:

  • Develop a plan to implement any outstanding recommendations from NSICOP, NSIRA and the independent assessment of the Critical Election Incident Public Protocol within the next 30 days.
  • Invest $5.5 million to form an alliance of civil society partners to fact-check and counter disinformation.

Cyber Security and Recent Cyber Incidents

  • Cyber security is a foundation for Canada’s future, for our digital economy, our personal safety, and national prosperity and competitiveness.
  • Every day, the Communications Security Establishment (CSE) uses its sophisticated cyber capabilities and technical expertise to help monitor, detect and investigate threats against threats to Canada’s information systems and networks and to take active measures to address them.
  • Recent geopolitical events and incidents of cybercrime have elevated the potential risk of cyber threats, as outlined in the 2023-2024 National Cyber Threat Assessment (NCTA).
  • CSE continues to publish advice and guidance to help organizations be less vulnerable and more secure. CSE works with industry partners, including government and non-government partners, to share threat information and cyber security best practices.
  • Ransomware poses a threat to Canada’s national security and economic prosperity. Threat actors will typically compromise a victim, encrypt their data, and demand ransom to provide a decryption key.
  • Data stolen during a ransomware attack almost certainly enables further cyber threat activity from a range of actors. Threat actors can also leverage sensitive business information to support commercial espionage.
  • The Government of Canada is working to reduce the threat of ransomware by targeting and disrupting cybercriminals, coordinating strategies with international allies and by issuing advice, guidance, and services for those affected by ransomware.
  • Cyber security is a whole-of-society concern and the federal government works together with other jurisdictions, small-and-medium enterprises as well as critical infrastructure owners an d operators to raise Canada’s cyber security bar.

Page details

Date modified: