The legislation is intended to flesh out Liberal government efforts to protect critical infrastructure following last month's announcement that Chinese vendors Huawei Technologies and
The newly tabled bill goes further, taking additional steps to protect infrastructure in the telecommunications, finance, energy and transportation sectors. It could apply to everything from pipeline and power systems to banking networks and railways.
"I think it's really important to underline that as we incorporate and integrate new technologies into our economy, we also have to be very sober about the national security landscape," Mendicino told a news conference.
"It's about both seizing the economic opportunity, but protecting Canadians as well."
The overall goal is to establish a framework to better shield systems vital to national security and give the government new tools to respond to emerging dangers in cyberspace.
From electronic espionage to ransomware, the threats to Canadians from malicious cyberactivity are greater than ever, the government says.
The specific businesses and organizations from each federally regulated sector that fall under the legislation would be determined through coming consultations.
The bill proposes giving regulators the ability to enforce various measures through audit powers and fines, and would allow for criminal penalties in cases of non-compliance.
Attacks by cybercriminals who hold data hostage in return for a ransom have become alarmingly common.
Some targeted organizations have preferred to pay the fee demanded to try to make the problem go away quietly, making it difficult for officials to get a full picture of the phenomenon.
Under the bill, a designated business must immediately report a cybersecurity incident involving any of its critical systems to the
Federal officials say consultations will help determine the threshold for mandatory reporting of such incidents.
Through changes to the Telecommunications Act, the bill would give the government legal authority to order any necessary action to secure
This would include prohibiting Canadian companies from using products and services from high-risk suppliers.
"We all recognize here in
Canada’s critical infrastructure is becoming increasingly interconnected, interdependent and integrated with cybersystems, particularly with the emergence of new technologies such as 5G that will increase the threat and introduce new vulnerabilities, the government says.
The federal policy outlined in May forbids the use of new 5G equipment and managed services from Huawei and
Any use of new 4G equipment and managed services from the two companies will also be prohibited, with existing gear to be pulled out by
This report by
© 2022 The Canadian Press. All rights reserved., source