Communications Security Establishment Canada (CSE)

Prepared for the Minister of National Defence
Spring 2025

CSE within Canada's Current National Security Apparatus

• Canada's security and intelligence community defends the safety and security of Canada's territory, government, economy, and people, and provides insights to promote and protect Canadian interests.
• The national security apparatus works to:
  • Produce intelligence
  • Assess key issues and events
  • Reduce threats
  • Build resilience
  • Screen people and investments for security concerns
• Intelligence and law enforcement agencies work together along with a range of departments and with international partners.

CSE's Role Is To

• Collect and report on foreign intelligence in line with the Government of Canada intelligence priorities.
• Provide cyber security, information assurance/secure communications for the Government of Canada, as well as guidance and services to help protect systems of importance to the Government of Canada
• Take action online through foreign cyber operations to disrupt and degrade foreign threat actors and activities in support of Canadian international affairs, defence and security, and to defend systems of importance to the Government of Canada.
• Provide technical and operational assistance to federal law enforcement and security agencies, including DND/CAF.
• Lead the Canadian Centre for Cyber Security, which offers cyber security advice to external stakeholders and the public.

CSE's Mandate

• Our mandate is defined in the Communications Security Establishment Act (CSE Act), enacted in 2019.
• As Minister of National Defence, you play a direct role in determining how CSE operationalizes its mandate by issuing Ministerial Authorizations, Orders and Directives that help give effect to CSE's statutory authorities.
• CSE is explicitly prohibited from directing its activities at Canadians anywhere in the world, or at any person in Canada.
• CSE's activities are subject to independent oversight by the Intelligence Commissioner (IC) and retroactive review by the National Security and Intelligence Review Agency (NSIRA) and the National Security and Intelligence Committee of Parliamentarians (NSICOP).

Delivering the Mandate: Foreign Intelligence objectives

• CSE acquires and analyzes electronic information to detect and inform the Government of Canada on activities of foreign entities that seek to undermine Canada's national security and prosperity. Our foreign intelligence also provides insights with an information advantage to Canadian policy makers.
• CSE's intelligence reporting offers:
  • Unique insights into, and advance warning of foreign threats to Canada to prevent surprises that could harm Canadians, Canadian institutions, or allies;
  • Unique insights to support foreign and economic policy and decision-making; and
  • Information to support trade, economic security, law enforcement and military operations by providing information that goes far beyond public sources.

Intelligence Cycle

• Intelligence priorities are set by Cabinet and further refined into intelligence requirements
• CSE collects foreign signals (emails, phone calls)
• CSE analyzes signals and produces foreign intelligence reports
• CSE disseminates intelligence reports to domestic and international clients and partners.
• CSE collaborates with international partners to provide a larger intelligence picture
• Intelligence reports inform Canada's decision making and help identify new intelligence gaps

Delivering the Mandate: Foreign Intelligence —Measures and Mechanisms

• In 2024/2025, CSE provided 2,878 reports to 3,016 clients from 32 federal departments and agencies.
• Reports can only be read by authorized users across the Government of Canada and the Five Eyes. Robust mechanisms ensure this information is shared safely:
  • Electronic dissemination
    • Reports are shared via Canada's Top-Secret Network (CTSN) – run by CSE and used to collaborate and communicate at the Top-Secret level.
  • Client Relations Officers (CROs)
    • CSE employees embedded across the Government of Canada who deliver intelligence reports to authorized users, such as Cabinet ministers.
  • SIGINT Dissemination Officers (SDOs)
    • Employees of other Government of Canada departments who are accredited by CSE to share intelligence reports with authorized clients within their departments.
• Guided by the Government of Canada's priorities, topics include:
  • hostile state activity (e.g. cyber threat activity, espionage, foreign interference and malign influence, counterintelligence, and intellectual property theft);
  • terrorism and violent extremism;
  • People's Republic of China actions and intent;
  • Russia's invasion of Ukraine; and
  • Arctic Sovereignty

Delivering the Mandate: Cyber Security

• CSE's Canadian Centre for Cyber Security (Cyber Centre) provides advice, guidance and services to help defend Canada against cyber threats and foster a stronger, more resilient cyberspace in Canada.
• The Cyber Centre:
  • Defends federal government networks – for example by deploying sensors on endpoint devices (e.g. servers, laptops) that automatically detect malicious activity like malware to defend against threats.
  • Leads Canada's federal response to cyber security events.
  • Provides a unified source of expert advice, guidance, services, and support on cyber security and threat assessments for Canadians and Canadian organizations.
  • Works in collaboration with all levels of government, the private sector, industry, academia, critical infrastructure, and international partners.
  • Supports cyber resilience in Canadian research, economic and investment activities.

Delivering the Mandate: Information Assurance

• CSE is responsible for information assurance, known as Communications Security (COMSEC) for the Government of Canada — a fundamental part of cyber security which protects sensitive information and prevents our information from being accessed by adversaries, using encryption which:
  • Converts data into unreadable code, accessible only with keys —a strong defence against cyber threats
  • Helps verify that data has not been altered during transmission
  • Enables trust and confidence among stakeholders, partners and the public.
• As the backbone of information security, encryption enables the military equipment to identify 'friend or foe' and keeps national security operations and cabinet deliberations safe from breaches.
• At the nexus of COMSEC, CSE:
  • Provides the Government of Canada and some industry partners with secure hardware, software and cryptographic keys;
  • Works with federal and international partners to ensure rigorous cryptography standards; and
  • Is working to prepare for the emergence of quantum computers —which could break encryption and may be available as early as the 2030s.

Delivering the Mandate: Foreign Cyber Operations

• CSE can take action online in support of Canada's international affairs, defence, and security, and to defend federal systems and systems of importance to the Government of Canada.
• As Minister of National Defence, you authorize CSE to conduct Active and Defensive Cyber Operations. The Minister of Foreign Affairs must be consulted for defensive cyber operations and must consent to active cyber operations.
• Defensive Cyber Operations (DCO) disrupt foreign activities aimed at federal institutions and systems of importance (e.g. energy grids, telecoms networks, healthcare databases, banking systems). For example, CSE could prevent cyber criminals from stealing information from a Government of Canada network by disabling their foreign server.
• Active Cyber Operations (ACO) are proactive actions to disrupt foreign based threats to
• Canada's defence, security, or international affairs. For example, CSE used active cyber operations to counter foreign groups in their dissemination of violent extremism materials online.
• The CAF and CSE have a longstanding partnership in developing advanced technical and specialized capabilities for providing intelligence to support military operations. Over the last decade, the partnership has evolved to include collaboration in the areas of cybersecurity, and defensive and active cyber operations. Through CAFCYBERCOM, CSE continues to conduct joint cyber operations with the CAF to support their mission objectives.
• Cyber operations must not:
  • target Canadians or anyone in Canada
  • interfere with the course of justice
  • interfere with the course of democracy
  • cause death or bodily harm

Delivering the Mandate: Technical and Operational Assistance

• As Canada's national cyber security and foreign intelligence agency, CSE has unique technical and operational capabilities that can help other federal organizations keep Canadians safe and secure.
• CSE is authorized to assist:
  • Federal law enforcement and security agencies:
    • Royal Canadian Mounted Police (RCMP)
    • Canadian Security Intelligence Service (CSIS)
    • Canada Border Services Agency (CBSA)
  • Department of National Defence (DND) and Canadian Armed Forces (CAF)
• When assisting federal partners, CSE acts under their legal authority (e.g. judicial warrants).
• In 2024/25, CSE provided assistance to 51 requests from federal partners.

Collaboration in Action: Synchronizing CSE's Mandate

• CSE's cyber security, foreign intelligence and cyber operations mandates work together to achieve a range of outcomes that benefit Canadians.
• Having one agency carry out this full mandate provides CSE and Canada with unique advantages.

Collaboration in Action: FIVE EYES alliance

• CSE is a proud and valuable member of the Five Eyes, the world's longest-standing and closest intelligence-sharing alliance.
• The Five Eyes is a key element in Canada's intelligence and security landscape, providing a strategic advantage in understanding and responding to global events.
• This enduring partnership continues to deliver results that make the citizens of all five nations safer by:
  • Sharing foreign intelligence;
  • Supporting joint foreign cyber operations;
  • Ensuring interoperability and redundancy of systems;
  • Conducting classified research of strategic importance; and
  • Communicating threats and guidance jointly.
• This partnership adds weight to public communications when Five Eyes speak as one voice. On joint publications regarding topics like cybercrime, AI, and threats to critical infrastructure, the message is amplified.
• CSE also collaborates closely with likeminded allies in both bilateral partnerships and multilateral forums.

How we accomplish our mission

At CSE, our people are our greatest strength. Our workforce is made up of dedicated individuals who draw from their diverse skillsets, backgrounds, perspectives and experiences to protect our country, 24/7.

The complex problems we face require a wide range of perspectives, skills, and mindsets to tackle them, and this means increasing representation at all levels in the organization is a top priority.

With over 3,800 employees, CSE's workforce is comprised of a wide range of specialists who are dedicated to keeping Canada and Canadians safe.

Weare a thought leader and pathfinder in emerging digital and cyber technologies, with a research program focused on quantum cryptography, artificial intelligence and advanced analytics.

Innovation and agility are fundamental to how we execute our mission and increasingly represent the key to our future.

We operate within a robust oversight and review system and uphold our culture of compliance, lawfulness, and transparency in the conduct of our mandate to maintain the trust and confidence of Canadians.

We deliver to protect Canadians, defend Canadian values and reinforce Canada's role as a trusted partner on the world stage.

CSE's Organizational Structure