ESA Program Charter
Overview of the GC ESA Program Charter
The GC ESA Program Charter describes the ESA initiative and provides a framework to support the delivery of the program and its objectives. The program charter will guide the execution and control of the GC ESA program. It also documents the program's definition and characteristics, as well as provides an overview of the program governance, roles and responsibilities, and high level plans. Its key points are summarized on this page, but for more detail, please read the GC ESA Program Charter.
Context for the Program Charter
The program charter identifies two documents that provide context for and support the development of the GC ESA Program.
Canada's Cyber Security Strategy
Canada's Cyber Security Strategy (CCSS), which was published in 2018, demonstrates the GC's commitment to protecting Canada's cyberspace. CCSS is national in scope and comprises of three fundamental pillars:
- Securing Government Systems
- Partnering to Secure Vital Cyber Systems Outside the Federal Government
- Helping Canada to be Secure Online
CCSS has identified several areas that need to be addressed in terms of securing government systems, including keeping pace with evolving cyber threats, enhancing the security of the GC cyber architecture, addressing global supply chain issues, and improving cyber security education and awareness. The ESA program is focused on dealing with these Pillar 1 activities.
For more information, please read Canada's Cyber Security Strategy.
Strengthening the Security of Federal Cyber Systems: A Backgrounder
As outlined in the Strengthening the Security of Federal Cyber Systems: A Backgrounder (aka the "GC ESA Backgrounder"), enhancing the security posture of GC systems and networks requires a comprehensive IT security strategy that includes developing IT security architecture designs, implementing defence-in-depth IT security capabilities based on these designs, and detecting and effectively responding to cyber threats. It also means ensuring that GC users understand and adhere to applicable security policies and know-how to identify and respond to cyber threats directed at end users. Finally, enhancing the security posture of GC systems requires that the GC understand how the IT landscape is evolving and that it continues to align its IT security strategy with its overall IT strategy.
The Backgrounder describes three fundamental themes:
- Improve our understanding of the cyber threat landscape
- Strengthen defensive capabilities
- Establish incident recover capabilities
GC ESA Program Scope, Approach, and Deliverables
The GC ESA Program Charter states that overall objective of the ESA program is to ensure that security is built into the designs of the IT infrastructure as it undergoes its transformation. The GC must, on an ongoing basis, identify threats to GC networks and systems, prioritize and counter identified and potential threats, and continually improve the robustness and security of the GC IT infrastructure.