Proposed new legislation from the Federal Government is set to have a large impact on companies in the finance, telecommunications, energy and transportation sectors and their cyber security policies and measures.
Introduced on June 14 by Industry Minister Francois-Philippe Champagne and Public Safety Minister Marco Mendicino, The “Act Respecting Cyber Security” would have some wide ranging implications:
- It would give regulators the power to run audits to ensure affected companies are in compliance.
- Organizations deemed non-compliant could face administrative monetary penalties of $1 million for individuals and $15 million for companies, summary convictions or convictions on indictment.
- Operators in key federally-regulated industries would have to report cyber security incidents to the government’s Cyber Centre
operators will be required to establish cyber security programs that can detect serious incidents and protect critical cyber systems.
- The governor-in-council may “direct any designated operator or class of operators to comply with any measure set out in the direction for the purpose of protecting a critical cyber system.”
- The bill also says that anyone who receives such direction “is prohibited from disclosing or allowing to be disclosed” that it was issued.
- The bill looks to counter cyber threats and the rise in ransomware and other online attacks as a result of the shit to remote work due to the pandemic.
Government of Canada officials told reporters on a briefing call that with the rise and emergence of fifth-generation (5G) wireless technology and critical infrastructure becoming increasingly interconnected and integrated with cyber systems, new threats and vulnerabilities need to be addressed.
If you’re interested in learning more about the cyber act, want to conduct a security audit, or are interested in our Cyber Defense Platforms or cyber training contact us at 416-363-9880 – we’re here to help.