INDEPTH: COMPUTER SECURITY
The government's role in cyber security
CBC News Online | Feb. 18, 2005
The computer and online world is one of constant change. Every time you turn around there's a new application, update, patch, virus. How do you patrol a world that evolves so quickly?
Individuals and governments have different concerns about cyber security. In our computer-dependent world, the possibilities are myriad for some sort of attack via the internet – one that could clog up your e-mail inbox, interfere with your company's ability to operate, or shut down critical infrastructure and disable government networks.
Governments around the world are struggling to keep up with the pace of technological change, in developing strategies to deal with these problems. A state's usual tools to protect itself and its citizens – legislation and policing – are difficult to implement when it comes to cyber crime.
University of Toronto's Richard Owens
|
"You need to co-ordinate different [levels of] governments, and other entities … then throw into the mix that the technology is evolving so quickly that any legislation you enact could be outdated by the time it's in place," says Richard Owens, the executive director at the Centre for Innovation Law and Policy at the University of Toronto. "These are interesting problems that don't admit easy solutions."
Owens says the best way to attack these problems is through information sharing and co-operation. At the state level, government, and public and private industry need to keep up-to-date on the latest threats and incidents, in order to prepare or co-ordinate a response.
At the level of the individual computer user, Owens suggests public awareness campaigns may make some difference, but he also says it's very difficult to stay constantly up-to-date. "I suspect that the overwhelming majority of computer users are not sufficiently tuned in to the risks to update their computer security," on an ongoing basis.
Owens also argues for more money. "We need to put more resources into policing risks on the internet," he says. "For the consumer fraud, child porn and spam kind of issues, you need the capabilities, you need the alliances … you need international inter-police force collaborations."
 For more on spam, see the Protect your inbox section
Public Safety and Emergency Preparedness Canada also sees the challenge for the government as one of co-ordinating and information gathering. PSEPC is responsible for national security. The department has recently announced a Canadian Cyber Incident Response Centre to identify threats, and co-ordinate a response to them.
Julie Spallin, the director of the CCIRC, says the centre will try to keep a constant watch on potential cyber threats, and alert government and infrastructure industries of any dangers. Those dangers could include a virulent virus or worm, or some sort of directed denial of service attack.
"The Centre is perfect for incidents that are large scale, incidents that are widespread, and also incidents that are affecting key infrastructure. That's the priority," she says.
The U.S. has gone in a slightly different direction on both spam and network security.
Law professor Michael Geist
|
Michael Geist, a professor of law at the University of Ottawa who specializes in internet law, says after the Sept. 11 attacks, the United States moved quickly to address cyber security concerns. "The U.S. has implemented a greater level of network surveillance requirements on their network providers," he says.
Those network providers are required to have the ability to allow certain kinds of surveillance of the traffic on their networks. But Geist argues that vigilance comes with a price. "The U.S. example of the Patriot Act represents a knee-jerk, dangerous response to what is obviously a real danger and threat, but civil liberties, including privacy, can't simply be thrown away in the process."
Geist believes that Canada has moved more slowly on the issue of surveillance and security because of concerns about privacy. "We need both effective security and effective privacy, and can't really trade one for the other," Geist says, "Here in Canada, I would expect we'd have a more fulsome debate about how we would bridge the two."
^TOP
|
|
 |
 MENU |
|
|
RELATED CBC
BACKGROUNDERS: |
|
|
CBC NEWS
STORIES: |
|
|
| EXTERNAL LINKS: |
|
|
| MORE: |
|
|
|
CBC does not endorse and is not responsible for the content of external sites. Links will open in new window.
