Communications Security Establishment

Supplementary Estimates (B) Overview Note

Speaking Notes

  • The Communications Security Establishment (CSE) is one of Canada’s key security and intelligence agencies and the lead federal technical authority for cyber security.
  • The CSE provides valuable foreign intelligence to inform the Government of Canada’s decision making and protect national security.
  • Its sophisticated cyber and technical expertise also helps identify, prepare for, and defend against threats to Canada and its cyber systems and networks.
  • While conducting these activities, CSE respects the highest standards of lawfulness, ethics, values, and the protection of the privacy of Canadians.
  • CSE’s 2023-24 Supplementary Estimates (B) (SEB) include a net funding increase totaling $15.2M including Employee Benefit Plan (EBP) costs.
    • Funding of $17.4M relating to four Treasury Board (TB) Submissions.
    • A net funding decrease of ($2.2M) resulting from seven Interdepartmental transfers.
  • With the approval of SEB, CSE’s 2023-24 budgetary authorities will total $1,000.1M, including EBP costs.

Details

Line Items included in CSE’s 2023-24 SEB

  • Funding for the ongoing operation of the Canadian Centre for Cyber Security.
  • Funding for the Interim Quantum Safe Capability project.
  • Funding for government advertising programs.
  • Funding for enhancing national security through an academic research initiative.
  • Interdepartmental Transfers:
    • From Shared Services Canada to CSE
    • From Department of Finance to CSE
    • From CSE to Treasury Board Secretariat (2 Transfers)
    • From CSE to Canadian Security Intelligence Service
    • From CSE to Department of Foreign Affairs, Trade and Development (2 Transfers)

Details: Funding Included in CSE’s 2023-24 SEB

Funding for the Ongoing Operation of the Canadian Centre for Cyber Security: $13.0m ($10.8M plus $2.2M EBP)

CSE will utilize this funding for personnel funding. The operating funding was already included in CSE’s reference levels as a frozen allotment, [REDACTED]

Funding for the Interim Quantum Safe Capability Project: $1.6M

Reprofiled from a prior year frozen allotment requested at the 2021-22 fiscal year-end. This project will ensure that the confidentiality of the Government of Canada's classified cryptographic devices is protected.

Funding for Government Advertising Programs: $1.5M

Horizontal item involving various departments, CSE will use these funds to combat online disinformation.

Funding for National Security Through an Academic Research Initiative: $1.2M plus $0.2M EBP

Budget 2022 identified funding to enhance national security through a classified and unclassified research initiative.

Transfer from Shared Services Canada (SSC) to CSE: $1.8M

This funding will be used for CSE’s cyber security contributions to support the Secure Communications for National Leadership program.

Transfer from Department of Finance to CSE: $0.1M

This funding is to support ongoing risk mitigation and monitoring under the Retail Payment Activities Act (RPAA).

Transfer from CSE to Treasury Board Secretariat (TBS): $25.0K

This funding includes:

  • $15.0K to support the Capacity Accelerator Project at the Office of the Comptroller General; and
  • $10.0K for financial community developmental programs and initiatives.

Transfer from CSE to Canadian Security Intelligence Service (CSIS): $0.3M

This funding will be utilized to support the Integrated Terrorism Assessment Centre (ITAC). ITAC is a federal organization responsible for assessing terrorism threats to Canada and Canadian interests worldwide. Its products support the decision-making needs of senior federal leaders.

Transfer from CSE to Department of Foreign Affairs, Trade and Development (GAC): $3.9M

This funding includes:

  • $2.7M in support of cyber security services; and
  • $1.2M for fees for GAC to administer CSE personnel overseas.

GAC is a common service provider for Government of Canada operations abroad and receives compensation for the increased cost of operations resulting from staff being posted at Canadian missions and liaison offices by other government departments.

Cyber Security and Cyber Capabilities

  • Potential adversaries are leveraging and developing cyber capabilities in effort to exploit vulnerabilities in our cyber systems.
  • The CSE Act allows the Communications Security Establishment (CSE) to carry out activities on or through the global information infrastructure to degrade, disrupt, influence, respond to, or interfere with the capabilities, intentions or activities of a foreign individual, state, organization or terrorist group as they relate to international affairs, defence or security.
  • CSE employs sophisticated cyber tools and technical expertise to help identify, prepare for, and defend against cyber threats, as well as to impose costs on malign actors that seek to harm Canada’s information systems, networks, businesses, and institutions.
  • CSE’s Canadian Centre for Cyber Security (the Cyber Centre) is Canada’s authority on cyber security. As a unified source of expert advice and guidance, CSE’s Cyber Centre leads the Government’s operational response to cyber incidents. The Cyber Centre also collaborates with the rest of government, the private sector and academia to strengthen Canada’s cyber resilience.
  • Cyber operations capabilities are also a key element of military and state power, needed to deter and defeat external threats to Canada in times of peace and conflict.
  • CSE and the Canadian Armed Forces (CAF) continue to work with domestic and international partners to support and build a stable cyberspace built on the respect for international law and the norms of responsible state behaviour in cyberspace.
  • The CAF contributes to international peace and security through cyber threat intelligence sharing with Allies and partners, and through the conduct of full spectrum cyber operations as authorized by the Government of Canada.
  • Specifically, the CAF relies on the force multiplier effects of technology enabled communications, intelligence, and weapon systems, all of which must be adequately secured and defended from cyber threats.

Key Facts

  • The CSE Act sets out five aspects of CSE’s mandate, which contributes to the lines of operations above. This includes:
    • Cybersecurity and information assurance
    • Foreign intelligence
    • Defensive cyber operations
    • Active cyber operations; and
    • Technical and operational assistance
  • CSE may use defensive cyber operations to defend Canada against foreign cyber threats by taking online action. For example, CSE could prevent cyber criminals from stealing information from a Government of Canada network by disabling their foreign server. This authority can also be used to defend systems designated by the Minister of National Defence as being of importance to the Government of Canada, such as energy grids, telecommunications networks, healthcare databases, banking systems, and elections infrastructure.
  • Active cyber operations allow CSE to take online action to disrupt the capabilities of foreign threats to Canada, such as: foreign terrorist groups, foreign cyber criminals, hostile intelligence agencies, and state-sponsored hackers. Threats that CSE disrupts must relate to international affairs, defence or security.
  • CSE, supported by Global Affairs Canada and the CAF, has a proven track record that respects and reinforces Canada’s statement on international law and cyber norms.
  • CSE’s Canadian Centre for Cyber Security (the Cyber Centre) reminds the Canadian cybersecurity community, especially infrastructure network defenders, to be vigilant against sophisticated cyber threats.
  • Canadian Armed Forces Cyber Capabilities:
    • Defensive cyber operations are employed to respond and/or counter a threat by an adversary in cyberspace, whereas offensive cyber operations are conducted to project power in, or through, cyberspace to achieve effects in support of military objectives.
    • CSE and the CAF continue to develop and scale its offensive and defensive cyber operations capabilities. This partnership enables cyber operations and provides the Government of Canada flexibility in achieving strategic objectives.
    • The Canadian Armed Forces holds the responsibility of safeguarding its military networks on a continuous basis, and actively cooperates with CSE and international partners to help protect joint critical networks among Allies and within NATO.

Back to top

Background

  • CSE and its Canadian Centre for Cyber Security
    • Cyber security is a foundation for Canada’s future, for our digital economy, our personal safety, and national prosperity and competitiveness.
    • Every day, the Communications Security Establishment (CSE) uses its sophisticated cyber and technical expertise to help monitor, detect, and investigate threats against Canada’s information systems and networks, and to take active measures to address them.
    • Recent geopolitical events have elevated the potential risk of cyber threats, as outlined in the 2023-2024 National Cyber Threat Assessment.
    • CSE continues to publish advice and guidance to help organizations be less vulnerable and more secure. It works with industry partners, including government and non-government partners, to share threat information and cyber security best practices.
    • Cyber security is a whole-of-society concern, and the federal government works together with other jurisdictions, organizations, as well as critical infrastructure network defenders to raise Canada’s cyber security bar.
    • If Canadian companies have been impacted by cyber threats, they are urged to contact the Cyber Centre toll free at 1-833-CYBER-88, by email contact@cyber.gc.ca or visit Report a cyber incident
  • Canadian Armed Forces and the Communications Security Establishment Cooperation:
    • The Canadian Armed Forces and CSE have a long history of partnership in the development of highly technical and specialized capabilities that support Canadian Armed Forces operations.
    • These activities are subject to CSE’s rigorous system of internal policies and procedures as well as independent oversight and review.
    • Cooperation between the Canadian Armed Forces and CSE ensures the best use of tools and capabilities, reduces unnecessary duplication of efforts, leverages each other’s authorities, and improves the chances of meeting mission objectives.
  • Authorizations and Safeguards:
    • Cyber operations undertaken in support of government objectives will be pursuant to the CSE Act, and the Crown Prerogative and the National Defence Act, and will be consistent with Canada’s international legal obligations. 
    • CSE is prohibited by law from targeting the private information of Canadians or any person in Canada and must not infringe the Canadian Charter of Rights and Freedoms.
    • Cyber operations conducted under CSE authorities require the Minister of National Defence to issue a Ministerial Authorization, which requires either consultation with the Minister of Foreign Affairs (for defensive cyber operations) or at the request of or with the consent of the Minister of Foreign Affairs (for active cyber operations).
    • In conducting cyber operations, Canada recognizes the importance of adhering to international law and agreed norms of responsible state behaviour in cyberspace. Canada’s authorities and governance framework to conduct cyber operations is supported by a strong independent review process, as well as internal oversight for operational compliance.
    • Foreign cyber operations are further subject to proven checks and balances such as rules of engagement, targeting and collateral damage assessments.
  • Offensive Cyber Operations:
    • Strong, Secure, Engaged (SSE) committed the Canadian Armed Forces to assuming a more assertive posture in the cyber domain by hardening its defences, and by conducting offensive cyber operations against potential adversaries as part of government-authorized military missions.
    • The CSE Act allows CSE to carry out activities on or through the global information infrastructure to degrade, disrupt, influence, respond to, or interfere with the capabilities, intentions or activities of a foreign individual, state, organization or terrorist group as they relate to international affairs, defence or security.
  • Canadian Armed Forces Cyber Operator:
    • SSE directed the creation of the Canadian Armed Forces Cyber Operator occupation. This trade includes both Reserve and Regular Force members who conduct both defensive and offensive cyber operations with the goal of supporting operational objectives and delivering tactical effects.
  • Cyber Mission Assurance Program:
    • SSE directed the creation of the Cyber Mission Assurance Program. It is part of the cyber capability to protect critical military networks and equipment from cyber threats. Platforms like aircraft, ships, and vehicles are becoming increasingly dependent on cyberspace. The Cyber Mission Assurance Program ensures that cyber resilience is a primary consideration when new equipment is procured.
    • Cyber threats pose unique challenges in projecting and sustaining military power. The changing global environment and the increasing dependence on cyberspace technologies demands a significant change in our culture. The introduction of cyber-resiliency mindset in all our activities is required for the CAF to maintain its competitive advantage. The Cyber Mission Assurance Program focuses on managing the risks associated with cyber threats, to improve resilience, and increase the probability of mission success.

Foreign Interference and the Democratic Process

  • The Government of Canada takes seriously its responsibility to protect Canadians from foreign interference, regardless of the source.
  • In the lead up to and during the 2021 Federal Election, the Communications Security Establishment (CSE), the Canadian Security Intelligence Service (CSIS), Global Affairs Canada (GAC), and the Royal Canadian Mounted Police (RCMP) worked together closely as part of the Security and Intelligence Threats to Elections Task Force (SITE).
  • CSE’s Cyber Centre also worked with Elections Canada to help secure election systems and infrastructure.
  • Our security and intelligence agencies coordinated integrated government efforts by raising awareness, monitoring, and reporting on threats, and providing advice to protect our democracy.
  • CSE’s 2023-24 National Cyber Threat Assessment (NCTA) highlights how online foreign influence activities have become a new normal with adversaries seeking to influence elections and impact international discourse related to current events.
  • SITE Task Force partners will continue to work within their respective mandates to detect and counter possible foreign threats to Canada and its democratic institutions.
  • While Canada’s democratic institutions and processes are strong and resilient, CSE continues to actively work to ensure their continued protection. 

Key Facts

Reviews of Foreign Interference

  • In March 2023, the Prime Minister announced measures to strengthen trust in Canada’s democracy.
  • This included requesting NSICOP and NSIRA to review the impact of foreign interference in the 2019 and 2021 federal elections, and how Canada’s national security agencies handled the threat. NSIRA and NSICOP launched their reviews in March, with CSE receiving the first requests for information in April.
  • CSE welcomes these external reviews into foreign interference in Canada’s elections and will continue to support them and Parliament moving forward.

CSE Top Cybersecurity Points

  • Cyber security is a foundation for Canada’s future, for our digital economy, our personal safety, and national prosperity and competitiveness.
  • Every day, the Communications Security Establishment (CSE) uses its sophisticated cyber and technical expertise to help monitor, detect, and investigate threats against Canada’s information systems and networks, and to take active measures to address them.
  • CSE’s Canadian Centre for Cyber Security (Cyber Centre) uses sensors to detect malicious cyber activity on government networks, systems and cloud infrastructure; and networks, systems and electronic infrastructures of importance to the Government of Canada.
  • This year, CSE’s automated defences protected the Government of Canada from 2.3 trillion malicious actions, an average of 6.3 billion a day.
  • It is critical that Canada has strong cyber defence capabilities as recent geopolitical events and incidents of cybercrime have elevated the potential risk of cyber threats, this was outlined in the 2023-2024 National Cyber Threat Assessment (NCTA).
  • CSE continues to publish advice and guidance to help organizations be less vulnerable and more secure. It works with industry partners, including government and non-government partners, to share threat information and cyber security best practices.
  • Cyber security matters to all of us, and the federal government works together with other jurisdictions, organizations, as well as critical infrastructure network defenders to raise Canada’s cyber security bar.
  • If Canadian companies have been impacted by cyber threats, they are urged to contact the Cyber Centre toll free at 1-833-CYBER-88, by email contact@cyber.gc.ca or visit Report a cyber incident.

Key Facts

  • CSE utilizes its mandate to reduce the impact of cybercrime on Canadian businesses, organizations, and individuals.
  • Ongoing efforts include:
    • collecting intelligence on cybercrime groups
    • enhancing cyber defences to protect critical systems against cybercrime threats
    • advising Canadian critical infrastructure providers on how to protect themselves against cybercrime; and
    • using active cyber operations capabilities (ACO) to disrupt the activities of cybercrime groups.
  • In addition, working with Canadian and allied partners, CSE has conducted ACO to reduce the ability of cybercrime groups to:
    • target Canadians, Canadian businesses and institutions
    • launch ransomware attacks
    • solicit, buy and sell cybercrime goods and services
  • These operations imposed costs on cybercrime groups by making their activities more difficult and less profitable. The aim is to deter future cybercrime attempts on Canadian targets.

Back to top

Growth, Recruitment and Retention at CSE

  • Over the years, CSE has experienced continued and sustained growth that has enabled the agency to adapt and address the growing cybersecurity landscape.
  • No other governmental agency within Canada is undertaking the crucial cyber security work done at CSE. In fact, only a few other jurisdictions around the world have similar operations thereby positioning Canada’s cryptological agency at the forefront of cyber operations and defence.
  • Recruiting skilled employees in the high-tech field remains challenging and highly competitive. At CSE, the same is true due to the specific technical competencies required for many positions within the organization.
  • Despite the highly competitive nature of recruitment, CSE has been recognized as a Top Employer in 2020, 2021, and 2022, as well as one of Canada’s Top Employers for Youth for the past six years in a row.
  • CSE and the Canadian Centre for Cyber Security are hiring for a variety of positions including foreign language intelligence analysts, engineers, mathematicians, computer science specialists and cyber security professionals.
  • CSE also received significant recognition through Budget 2022, which proposed $875.2 million over five years for CSE, beginning in 2022-23, for additional measures to address the rapidly evolving cyber threat landscape.

Key Facts

  • At CSE there is a 2% retirement and 2% resignation rate for a total of 4% attrition per year.
  • CSE has a relatively low attrition rate which reflects its investment in creating a healthy work environment, encouraging employee professional development, embracing diversity and inclusion as mission imperatives, and having excellent counselling and employee support programs in place.

Equity, Diversity and Inclusion

  • As a security and intelligence organization, promoting diversity at CSE allows the workplace to integrate broad perspectives, experiences, and worldviews into its operations. As a result, individuals can pursue CSE’s mission in a nurturing and welcoming environment.
  • Working with equity-deserving groups both inside and outside of CSE on the promotion of equity, diversity and inclusion will enable CSE to evolve its processes, operations and policies in a manner that serves all Canadians effectively.
  • In effort of working towards reconciliation, CSE continues to participate in the Government of Canada’s IT Apprenticeship Program for Indigenous Peoples, a program that matches First Nations, Inuit and Métis candidates to help them build the skills they need for an IT career in the federal public service.

Back to top

Page details

Date modified: