• DeepBlue2020 Vanguard

Strong, Secure, Engaged: Canada’s Cybersecurity and Cyber Defence Update

Conflict and warfare have seen drastic changes in recent decades, mostly due to globalization, technology and geo-political and economic power shifts. Affecting more than just strategies, tactics and equipment, who and how they engage and behave in conflict and what they employ have moved far outside of the conventions and treaties most nations adhere to in time of war.

Adversaries, armed with more sophisticated means and the willingness to use violence to achieve political, social and ideological agendas, have developed complex profiles. Both state and non-state actors have become more fluid, coordinated and networked, adopting more formal processes and increasing their agility and resiliency. Harder to infiltrate and defeat, defending national interests against these adversaries demands more than adequate skills and budgets. 

Canada’s vision for defence has been long founded on the preservation and protection of two primary interests meant to benefit all Canadians: security, as in the freedom to live without fear, and prosperity, as in the ability to flourish through individual choices and pursuits. Investing in these interests for decades, Canada has enjoyed safety and security, a stable economy, societal wellbeing, and individual rights and freedoms that are the envy of other nations. 

In preserving these interests, Canada has become an important contributor in a consortium of nations who subscribe to the primacy of rules-based international order and government-authorized defence. Through its past accordance with international law, trade agreements and immigration protocols, Canada has also forged a reputation as a leader in human rights and peacekeeping. 

Clearly, Canada has a lot to protect. However, the rapid advancements in technology and global destabilizations in political and societal change have made protecting and sustaining these interests an arduous challenge. With the threshold of technological stagnation widening – as it does –Canada’s military has been in preparations to meet the future as a more agile, capable and innovative organization. 

In 2017, the Department of National Defence (DND) penned Canada’s Defence Policy, Strong, Secure, Engaged, to support the transformation of the Canadian Armed Forces (CAF). Within Strong, Secure, Engaged, one hundred and eleven initiatives can be categorized under these five main themes: a well-supported and resilient workforce, investments that enhance capability and capacity, fostering defence innovation, defining defence vision, and stable, realistic funding. 

Idealized through its overarching vision – to be strong at home, secure in North America and engaged in the world – and to evolve Canada’s military, Strong, Secured, Engaged outlines the capabilities and means to embody, promote and protect Canada’s interests at home, abroad and in its collaborative efforts in the Five-Eyes (FVEY) community. 

In our April/May 2019 issue, we highlighted the cyber domain priorities in Strong, Secure, Engaged, hinting at how Canada’s military will rely on technology for cybersecurity operations and cyber defence across the CAF. Over two years after the policy was published, now is an ideal time to take a more fulsome look at how cyber capabilities will defend and secure Canada in the future defence climate and the progress of these initiatives.

Cyber Squared: The Power of Cybersecurity and Cyber Defence

Canadian security powers have broadened with recent legislation, and so will the use of technology in defending national interests and in collaborating with the FVEY community to counter and defeat adversarial threats. Already woven into the CAF’s functional units, platforms, systems, personnel and equipment, the cyber domain will be increasingly relied upon in what will be an extraordinarily advanced defence environment. 

Extending to partner interoperability in cooperative missions and in the exchange of intelligence, the requirements of the new cyber domain are redefining the military’s existing concepts of scalability and agility, requiring resources to meet unparalleled levels of technological training and skills. 

What has set Strong, Secure, Engaged apart from other defence policies are capabilities that cross multiple functional areas with a focus on defence maturity. Drawing a line between cybersecurity and cyber defence, initiatives will support day-to-day defence operations and mission activities – land, air, sea, cyber and space – leveraging cyber defence capabilities and concurrently providing comprehensive cybersecurity operations to protect these environments and assets. 

Cybersecurity will go beyond prevention, detection, response and recovery, forming network assurance ensuring architectures, systems, equipment and information all designed to specific security standards. Protecting against threat scenarios – destruction, disruption, modification, loss/theft, reconnaissance and surveillance – procedures, controls and safeguards will secure support operations, intelligence and mission activities, even in deployable environments. 

Having a finer focus on overall mission assurance, cyber defence will be integrated into planning and operational activities to help achieve mission objectives, some by sensing and detecting current states, orientation of operational responses and the engagement of adversaries. Contributing to mission success measures, cyber defence will also improve precision with the goal of limiting collateral and grave damage. 

Strengthening Canada’s National Security Framework 

Substantial and transformative, Strong, Secured, Engaged fundamentally directs how long-term investments in cyber capabilities, in and across its initiatives and themes, will collectively enhance the current domains in support of DND and CAF’s strategic objectives and how it will scale to future needs. 

Having received royal assent this past summer, Bill C-59 has reshaped Canada’s national security oversight, powers and functions, making some of the DND and CAF’s cyber capabilities immutable through legislation. 

Emboldened by Bill C-59, many cyber domain capabilities will be embedded in functional, organizational and departmental levels as long-term investments that will enhance capability and capacity, strengthen the cyber workforce and define the defence vision.

Strong, Secure, Engaged … and Delivering 

To deliver to the many interdependent and intersecting cyber and cryptographic projects under Strong, Secured, Engaged, all DND and CAF support areas are in collaboration, as overall success hinges on precisely met requirements and the planned implementation of crucially timed activities.

Especially aligned are the Director General (DG) Cyber and Assistant Deputy Minister for Information Management (ADM(IM)), who also in close consultation with the Vice-Chief of the Defence Staff (VCDS) and Chief of Defence Intelligence (CDI) to ensure successful coordination of all projects.

DG Cyber is leading core cyber projects – such as Cyber Force Development, Cyber Reserve Forces, Cyber Mission Assurance, Joint Communication and Information Systems and Command, Control, Communications, Computing and Information (C4I) – and ADM(IM) is particularly focused on cryptographic projects, such as the Cryptographic Modernization Program (CMP).

Investments in Cyber to Enhance Capability and Capacity

A solid focal point for review, the Cryptographic Modernization Program (CMP) is an omnibus of sub-projects improving cryptographic, information and operations capabilities through asset hardening, cyber threat identification and situational awareness and response. Sponsored by the Communications Security Establishment (CSE), the CMP will meet internal functional objectives and mandatory interoperability with FVEY programs, such as the United States’ cryptographic replacement and modernization program. 

The CMP sub-projects, some already delivered or others slated between now and 2024, represent the complete replacement of obsolete cryptographic systems for secure voice telecommunications, link encryption, network encryption, combat identification (‘Friend or Foe’), secure radio and supporting cryptographic infrastructure. Other new encryption programs and projects are also being initiated to address emerging threats.

In a more detailed look at the CMP, the Advanced Cryptographic Capabilities Project (ACCP), currently in options analysis, will secure and defend the DND and CAF’s cyber domain from known technologies and others yet to be assessed in terms of impact, such as quantum and artificial intelligence. With external strategic alignment driving support for large-scale campaigns, the ACCP, when delivered in 2021, will lay the foundation for more expansive interoperability among FVEY partners.

The Classified Security Management Infrastructure (CSMI) project is implementing the next generation key management system that will deliver cross-functional and operational support to modernized end cryptographic units (ECU) by 2022. In place prior to the budget and policy, the CSMI was amended to meet future requirements and to ensure devices are compatible with new cryptographic transponders and interrogators. 

Other equipment-related sub-projects are downstream to these enhancements, such as the Secure Radio Modernization (SRM) project that will deliver up-to-date secure standards for radio and mobile devices and IFF Mode 5, the combat identification/‘Friend or Foe’ project.

Adding to cyber domain defence, the Defence Cyber Operations-Decision Support (DCO-DS) Project, now in options analysis, will provide continuous real-time detection, analysis and reporting on internal and external events, activities and anomalies when delivered in 2024. Also in options analysis and scheduled for 2024, the Cyber Security Awareness (CSA) project will secure the overall cyber domain against both external and insider threats. 

The Network Command & Control (Net C2)/Integrated Situational Awareness Capability (ISAC) will consist of integrated systems, personnel, processes and tools that provide detailed monitoring and analysis information to enable operational and strategic staff to make well-informed decisions. Recently moved to options analysis, NetC2 will be a critical information/knowledge system for secure networks and command.

Between now and 2024, the CMP sub-projects will be delivered in layered releases and, once implemented, will provide cybersecurity to critical operations, platforms and networks and enable cyber offensive actions that were previously unsupportable.

While only a shortlist of projects under the CMP and a portion of projects under the Enhancing Capabilities theme, these provide solid assurance that the DND and CAF’s cyber domain has received the required priority and efforts are demonstrating the strategic and comprehensive planning necessary to deliver these essential capabilities. 

Fostering and Driving Defence Innovation 

Defence innovation in Strong, Secured, Engaged is outlined in initiatives that will develop active cyber capabilities within government-authorized military missions, enhance the cyber workforce and dedicate military personnel to cyber functions. Plainly put, these are the people – the sustaining force behind the tools and processes – who will support the CAF’s defence posture, defensive cyber operations, active cyber operations and cyber mission assurance capabilities.  

With the DND and CAF experiencing the same cyber skills shortage as other sectors, the transitioning of existing legacy-skilled personnel to cyber-enabled operations has already begun across the CAF elements. By significantly increasing the number of military personnel into dedicated cyber functions, this will help address the immediate need to bolster cyber skills while new resources are being ramped up, forming a talent base to expand upon.

Recruiting is a priority under Strong, Secure, Engaged to support the highly technical initiatives, making the development of the Cyber Force and the Cyber Operator occupation essential to overall success. Newly created, the Cyber Force encompasses the entire workforce – regular, reserve and civilian – and will develop, manage, employ and sustain cyber operations capabilities for the DND and CAF. 

The Cyber Operator occupation is both a regular force and primary reserve military occupation for non-commissioned personnel. Providing better leverage of the CAF’s cyber capabilities in support of military operations, the Cyber Operator occupation will include both defensive and active cyber operations. In October 2019 a celebratory milestone was met: the first Direct Entry Cyber Operator graduated from the Basic Military Qualification. 

Several civilian occupations in the cyber domain were also formalized, such as Internet Security Analysts, Network Support Analysts, Red and Blue Team Analysts, Computer Incident Response Specialists, Cyber Reporters, Penetration Testers and Systems Auditors. These will contribute the skills to conduct network operations that enhance the DND and CAF’s ability to provide a secure cyber environment.

Supporting ongoing training for these occupations, the Asset Discovery Vulnerability Assessment Configuration Compliance (ADVACC) Project and Interim Cyber Training Capability (ICTC) Project are currently delivering cyber defence capabilities and training of Cyber Operators. Also, a parallel initiative, The Journey, which focuses on evolving the CAF career development and human resources framework for the skilled workforce, is being implemented.  

The Cyber Mission Assurance Program (CMAP), renewed under Strong, Secure Engaged, will deliver protection and the continued hardening of defence critical infrastructure, missions and assets for the DND and CAF to ensure operations will succeed in a continuously evolving, contested cyber threat landscape. 

At the Canadian Army’s first Cyber Mission Assurance Workshop in January 2019, Colonel Mark Parsons, Director Land Command and Information, underscored that Canada must keep pace with potential adversaries, noting “considerable risk to the Army’s mission and security.” Brigadier-General Andrew Jayne, Director General Cyberspace, reinforced this by pointing out “business as usual” in the cyber domain is no longer an option. 

Addressing the aggressive development of active cyber capabilities for government-authorized military missions, the Active Cyber Operations (ACO) is a distinct initiative being developed in close cooperation with the other stakeholders and partners. Advancing and enhancing active cyber operations will improve the ability for the DND and CAF to deliver their mandates and will increase the success of the military missions. The details of this initiative are classified; however, it can be assured that its progress is closely monitored by senior leadership. 

Investing in Joint Capabilities

The development and acquisition of joint command and control systems and equipment and joint signals intelligence capabilities are not purely within the cyber domain but will rely heavily on cyber capabilities to improve the military’s ability to advance in intelligence and command, control and communications. 

Currently, there are several long-term investments that will improve the cyber domain and cryptographic operations utilized by the CAF elements. The overarching effort will integrate existing and future assets into a networked, joint system-of-systems with joint capabilities focused on producing actionable intelligence and maximizing its use in operations and mission activities. 

Enhanced joint capabilities are supported by broader initiatives, such as cybersecurity, threat identification and response, situational awareness with military-specific information operations and offensive cyber operations capabilities that target, exploit, influence and attack further supporting military operations.

Intelligence, Electronic Warfare and Other Critical Growth Areas   

Aside from the above themes and while not designated as cyber domain enhancements, there are other initiatives and programs that will depend on and demand priority on the DND and CAF’s cybersecurity and cyber defence capabilities under Strong, Secure, Engaged. 

Playing a key role in military operations, such as targeting, forecasting and identifying emerging threats, defence intelligence relies on the cyber domain for confidentiality, integrity and availability, generating analysis, transmission, sharing and storage. As the need for intelligence is steadily increasing, managing the additional strain on cyber capabilities, technologies, architectures and resources will be a key area of risk mitigation.

With the lateral integration of the cyber domain and its peripheral supports across military operations, electronic assets will continue to be an attractive target for potential adversaries, state proxies and non-state actors. Already developing the means to exploit vulnerabilities and embed surveillance and reconnaissance activities, these adversaries will stay focused on exfiltrating assets and disrupting command, control, communications and intelligence transmission. 

While there are several new and existing projects and programs that will also demand the same priority of functions in the cyber domain, the following are large, long term investments presenting a higher degree of criticality for military missions. 

The Canadian Forces Land Electronic Warfare Modernization (CFLEWM) will modernize the Canadian Army’s ability to engage and defend against electronic threats along with the Naval Electronic Warfare System – Sub Surface, Canadian Forces Electronic Warfare Support, CF-18 Defensive Electronic Warfare Suite and the Electronic Warfare Squadron – Kingston.

The Land Force Intelligence, Surveillance, Target Acquisition and Reconnaissance (or Land Force ISTAR) is an omnibus of sub-projects that will deliver communications, command and control and sensors, including Unmanned Aerial Vehicles (UAVs), In-Service Sensors (ISS) and Medium-Range Radar (MRR) projects as part of this capability.

The Land Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (LC4ISR) System is a fully integrated tactical network composed of computers, sensors, telecommunications equipment, hardware, firmware, and software elements that will provide information to commanders to make timely decisions and conduct deployed operations.

Judging by the many projects listed above across Strong, Secure, Engaged initiatives and themes, it is clear that earlier assessments were correct: Strong, Secure, Engaged is an impressive, substantial and well-detailed defence policy that, once the majority of its capabilities are implemented, will truly transform and modernize the DND and CAF. With a small number of projects behind them, the DND and CAF have many more to go before that day.

In the meantime, the hard work of the men and women of the DND and CAF is apparent. Each day, they demonstrate their commitment to protecting and defending the interests of Canada. On top of that, many are supporting complex, critical projects and programs that will fulfill the policy direction of Strong, Secure, Engaged, ensuring Canada is safe, secure and prosperous for decades to come. 

A few more good reasons to thank those who serve.

Author: Valarie Findlay

Valarie Findlay is an American Society for Evidenced-Based Policing member and a research fellow for the Police Foundation (USA) with two decades of senior-level expertise in cybersecurity and policing initiatives. She has worked extensively on federal cyber initiatives and is a member of the Canadian Association of Chiefs of Police eCrimes Cyber Council and AFCEA DC. She has a Masters in Sociology and a Masters in Terrorism Studies with her dissertation addressing the impacts of terrorism on law enforcement in Western Nations.

Share This Post On
468 ad

Submit a Comment

Your email address will not be published. Required fields are marked *

Visit Us On TwitterVisit Us On FacebookVisit Us On LinkedinVisit Us On Youtube