By Keith Edmund White
Editor-in-Chief
Has the Beyond the Border Initiative become the best hope for the United States and Canada to craft effective cyber-security strategies?
On Friday the U.S. Department of Homeland Security (DHS) and Public Safety Canada (PS) announced a Cyber Security Action Plan, a 4-page document that fleshes out the security-cyber objectives of the Beyond the Border Initiative, a bi-national effort to cooperate on security and border management.
Cyber-Security: An Important, Cross-Border Issue
First, before delving into the Action Plan and cyber-security in Canada and the United States, it’s important to emphasize the importance of cyber-security to both Canada and the United States. Whether it’s food supply systems, financial institutions, or energy distribution facilities, all these vital pieces of critical infrastructure are vulnerable to cyber attacks. And, whether through shared fiber optic cable networks or America's extensive use of Canadian-generated electricity, Canada and the United States can’t tackle cyber-security alone.
Cooperation Without Substance?
Cooperation Without Substance?
The Action Plan represents a still early, light-on-details step in DHS and PS coordination—but does show that the two agencies have, at least, identified the goals they wish to accomplish. Perhaps the two most challenging goals can be found on page 3 of the Action Plan:
Just to illustrate how much work still needs to be done, DHS’s National Cyber Security Division—which offers a link to a 2003 National Strategy Report—still, as of today, lists “build[ing] and maintain[ing] an effective national cyber response system” as one of its two objectives. And, when it comes to Canada, a 2012 article by cyber-security expert Ron Deibert, published by Queen’s University Centre for International and Defence Policy, states “the Canadian government is late to the cyber-security arena…and only barely nods at the importance of a foreign policy for cyberspace.”
1.4 Align and standardize cyber incident management processes and escalation procedures; andWhy are these goals unlikely to be met anytime soon? Well, Canada and America seem MIA on even having a national approach to cyber-security. As pointed out at CUSLI’s 2012 March Conference, the United States really doesn’t have a cyber-security strategy on the national level—with comprehensive cyber-security legislation unlikely to pass Congress this year. And Canada’s Auditor General, while noting improvement, still hit the nation’s cyber security nerve centre for only running during daytime hours and not being kept in the loop with the most pressing cyber-security threats.
1.5 Enhance technical and operational information sharing in the area of industrial control systems security.
Just to illustrate how much work still needs to be done, DHS’s National Cyber Security Division—which offers a link to a 2003 National Strategy Report—still, as of today, lists “build[ing] and maintain[ing] an effective national cyber response system” as one of its two objectives. And, when it comes to Canada, a 2012 article by cyber-security expert Ron Deibert, published by Queen’s University Centre for International and Defence Policy, states “the Canadian government is late to the cyber-security arena…and only barely nods at the importance of a foreign policy for cyberspace.”
Will Beyond the Border Propel Comprehensive Cyber-Security Strategies in Canada and the United States?
So, how do two nations do cyber-security coordination when both have lackluster national cyber-security strategies? Though, a fair counter-argument could be made—taking up a theme pushed in today’s Globe and Mail—that exactly because both nations are only beginning to hammer out their cyber-security strategies, there's greater likelihood that both nations will work together to tackle this pressing issue, unimpeded by entrenched institutional practices and regulations.
Perhaps Canada and America’s individual difficulties on cyber-security will make the Beyond the Border framework the main hub for both nations emerging cyber-security strategies. Not only is this good news for protecting both nations critical infrastructure, it could also show the value of bilateral approaches to more effectively--and efficiently--solve pressing public policy issues in Canada and the United States.
So, how do two nations do cyber-security coordination when both have lackluster national cyber-security strategies? Though, a fair counter-argument could be made—taking up a theme pushed in today’s Globe and Mail—that exactly because both nations are only beginning to hammer out their cyber-security strategies, there's greater likelihood that both nations will work together to tackle this pressing issue, unimpeded by entrenched institutional practices and regulations.
Perhaps Canada and America’s individual difficulties on cyber-security will make the Beyond the Border framework the main hub for both nations emerging cyber-security strategies. Not only is this good news for protecting both nations critical infrastructure, it could also show the value of bilateral approaches to more effectively--and efficiently--solve pressing public policy issues in Canada and the United States.
No comments:
Post a Comment