Canada’s implementation of the 2015 GGE norms
Canada would like to share some of the best practices it has identified and the lessons it has learned on the
implementation of previously recognized voluntary, non-binding norms of responsible State behavior
endorsed by the UN General Assembly, in case this is useful to other UN member States as they seek to
implement the 11 norms laid out in the 2015 GGE report.
Norm 1 – Consistent with the purposes of the United Nations, including to maintain international peace and
security, States should cooperate in developing and applying measures to increase stability and security in
the use of ICTs and to prevent ICT practices that are agreed to be harmful or that may pose threats to
international peace and security.
Canada has taken a number of steps to increase stability and security in the use of ICTs and prevent the most
harmful ICT practices. These steps include:
A) The drafting and updating of comprehensive national cybersecurity strategies.
The Government of Canada’s initial Cyber Security Strategy was released in October 2010 and provided a plan
to defend against cyber threats. The 2010 Strategy was built on three pillars: (I) Securing Government of
Canada systems; (II) Partnering to secure vital cyber systems outside the federal government; and (III) Helping
Canadians to be secure online. The 2010 Strategy, and the nation-wide initiatives it introduced through its
accompanying Action Plan, bolstered the Government of Canada’s capacity to prevent, detect, respond to,
and recover from malicious cyber activities. Some of the results achieved included furthering the Canadian
government’s engagement with critical infrastructure partners, launching the “Get Cyber Safe” public
awareness campaign, and bolstering the capabilities of the Canadian Cyber Incident Response Centre. The
Strategy also fostered collaboration and information sharing, which Canada views as our best defense in a
rapidly evolving threat environment.
Recognizing the evolving cyber landscape, on June 12, 2018, the government, led by Public Safety Canada,
released Canada’s new National Cyber Security Strategy (NCSS) to strengthen partnerships to secure vital
cyber systems both inside and outside the federal government, protect Canadians as they connect online, as
well as enhance the detection of, and ability to respond to, continually evolving cyber threats. The new NCSS
is organized according to three high-level goals:
1) Secure and Resilient Canadian Systems
Through collaborative action with partners and enhanced cyber security capabilities, we will better protect
Canadians from cybercrime, respond to evolving threats, and defend critical government and private sector
systems.
2) An Innovative and Adaptive Cyber Ecosystem
By supporting advanced research, fostering digital innovation, and developing cyber skills and knowledge, the
federal government aims to position Canada as a global leader in cyber security.
3) Leadership, Governance and Collaboration
The federal government, in close collaboration with provinces, territories, and the private sector, will take a
leadership role to advance cyber security in Canada.
The new NCSS was designed to be flexible and remain relevant as the cyber security environment continues to
evolve. Similarly, its accompanying activities are not an end state. They represent an incremental step towards
achieving Canada’s long-term vision of safety and security in the digital age both at home and internationally.
As part of this strategy, Global Affairs Canada will work with Canada’s allies, likeminded countries and the
international community to shape the international cyber security environment by promoting a free, open
and secure Internet, as well as by promoting respect for international law and agreed norms of State
behaviour in cyberspace.