Bill C-26: New Canadian critical infrastructure cyber security law
On June 14, the House of Commons introduced Bill C-26, which includes the newly drafted Critical Cyber Systems Protection Act (CCSPA) or in French, the Loi sur la protection des cybersystèmes essentiels (LPCSE). The CCSPA has been designed to “address longstanding gaps”1 in the federal government’s ability to protect systems and services of national importance and establishes a broad regulatory framework enabling the federal government to:
- define and strengthen baseline cyber security for systems and services of critical national importance;
- require certain organizations to develop and implement certain cyber security programs (CSPs);
- ensure that cyber incidents impacting vital systems and services are reported;
- issue binding Cyber Security Directions (CSDs); and
- encourage compliance through the introduction of administrative monetary penalties (AMPs).
We have prepared a bulletin which discusses each of these in greater detail.
This content has been updated on June 21, 2022 at 20 h 14 min.