{"id":16075,"date":"2022-06-24T16:39:25","date_gmt":"2022-06-24T16:39:25","guid":{"rendered":"https:\/\/carsp.ca\/?p=16075"},"modified":"2022-06-24T16:39:25","modified_gmt":"2022-06-24T16:39:25","slug":"new-cyber-security-legislation-affecting-transport-sector-une-nouvelle-loi-sur-la-cybersecurite-qui-aura-une-incidence-sur-le-secteur-des-transports","status":"publish","type":"post","link":"https:\/\/carsp.ca\/en\/news\/partner-news\/new-cyber-security-legislation-affecting-transport-sector-une-nouvelle-loi-sur-la-cybersecurite-qui-aura-une-incidence-sur-le-secteur-des-transports\/","title":{"rendered":"New Cyber Security Legislation affecting Transport Sector\/ une nouvelle loi sur la cybers\u00e9curit\u00e9 qui aura une incidence sur le secteur des transports"},"content":{"rendered":"<p class=\"m_1692229063863348870wordsection1\"><b><i><span lang=\"FR-CA\">**\u202fLe texte fran\u00e7ais suit l\u2019anglais\u202f**<\/span><\/i><\/b><span lang=\"FR-CA\">\u202f\u00a0<u><\/u><u><\/u><\/span><\/p>\n<p class=\"m_1692229063863348870wordsection1\">Dear Transportation Stakeholders,<u><\/u><u><\/u><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><u><\/u>This is to inform you of new legislation, the <i>Critical Cyber Systems Protection Act<\/i>\u00a0(CCSPA), introduced in Parliament on June 14, 2022, alongside amendments to\u00a0<i>Securing Canada\u2019s Telecommunications System<\/i>\u00a0(SCTS) resulting in the combined Act,\u00a0<i>An Act Respecting Cyber Security<\/i>\u00a0(ARCS), Bill C-26.\u00a0<u><\/u><u><\/u><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><u><\/u>This legislation responds to calls for regulation to compel action to address cyber threats as heard in industry and public consultations leading to the 2018 National Cyber Security Strategy. As critical infrastructure systems are increasingly digitized, automated and interconnected, and essential services are managed online, cyber incidents or attacks against these systems have the potential to compromise national security and public safety.<u><\/u><u><\/u><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><u><\/u><b><i>The purpose for the CCSPA<\/i><\/b>\u00a0is to protect Canada\u2019s federally-regulated critical infrastructure against cyber threats, including ransomware. The CCSPA establishes a regulatory framework to protect cyber systems and services that underpin critical infrastructure in four key sectors: finance, telecommunications, energy and transportation. This includes specific measures for the Government to compel action against cyber threats and emphasizes the shared responsibility for a high-level of cyber security for services and systems upon which Canadians rely. These sectors were prioritized due to their importance to Canadians and their interconnectedness with other sectors.<u><\/u><u><\/u><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><u><\/u><b><i>For the transport sector<\/i><\/b>, the CCSPA will apply to private sector entities within federal jurisdiction that are designated under the Act. If designated, owners and operators of federally-regulated services and systems will be required to protect their critical cyber systems through enhanced information sharing and other measures including:\u00a0<u><\/u><u><\/u><\/p>\n<ul type=\"disc\">\n<li class=\"m_1692229063863348870wordsection1\">Establishing a Cyber Security Plan on how they will protect critical cyber systems;<u><\/u><u><\/u><\/li>\n<li class=\"m_1692229063863348870wordsection1\">Reporting cyber incidents to the Cyber Centre, permitting enhanced visibility of overall threats across sectors;<u><\/u><u><\/u><\/li>\n<li class=\"m_1692229063863348870wordsection1\">Mitigating supply chain or third party service or product risks; and,<u><\/u><u><\/u><\/li>\n<li class=\"m_1692229063863348870wordsection1\">Implementing Cyber Security Directions that may be issued and avoid non-compliance measures.<u><\/u><u><\/u><\/li>\n<\/ul>\n<p class=\"m_1692229063863348870wordsection1\"><b><i>Designated owners and operators deemed applicable under the Act have yet to be identified<\/i><\/b>. Classes of operators will be defined through consultations with transportation stakeholders.\u00a0<a name=\"m_1692229063863348870__Hlk106028977\"><\/a>Regulations will follow standard timelines for regulatory development.<u><\/u><u><\/u><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><u><\/u>Transport Canada will act as the regulator for compliance with CCSPA requirements and <b><i>ensure a consultative approach<\/i><\/b>\u00a0is taken across the various transportation modes for the development of associated regulations. Transport Canada officials will also ensure stakeholders are effectively informed of the requirements that may affect them in the future.<\/p>\n<p class=\"m_1692229063863348870wordsection1\"><u><\/u><u><\/u><u><\/u><span lang=\"EN-US\">Further key updates on this legislation will be provided. Should you have any questions or concerns, please e-mail: <\/span><a href=\"mailto:mvs-sa@tc.gc.ca\" target=\"_blank\" rel=\"noopener\"><span lang=\"EN-US\">mvs-sa@tc.gc.ca<\/span><\/a><span lang=\"EN-US\">.<u><\/u><u><\/u><\/span><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><span lang=\"EN-US\">For more information on the new legislation, please also visit: <\/span><a href=\"https:\/\/can01.safelinks.protection.outlook.com\/?url=https%3A%2F%2Fwww.canada.ca%2Fen%2Fpublic-safety-canada%2Fnews%2F2022%2F06%2Fgovernment-introduces-new-legislation-to-protect-canadas-cyber-security0.html&amp;data=05%7C01%7CVictoria.Gilchrist%40tc.gc.ca%7C55867ac1320b475c8df108da4fbd96ff%7C2008ffa9c9b24d979ad94ace25386be7%7C0%7C0%7C637909972969363830%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=vu03JMRB7ox2wDv5pVnCxXFCml6CXopOOBLEyMbiXSk%3D&amp;reserved=0\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/can01.safelinks.protection.outlook.com\/?url%3Dhttps%253A%252F%252Fwww.canada.ca%252Fen%252Fpublic-safety-canada%252Fnews%252F2022%252F06%252Fgovernment-introduces-new-legislation-to-protect-canadas-cyber-security0.html%26data%3D05%257C01%257CVictoria.Gilchrist%2540tc.gc.ca%257C55867ac1320b475c8df108da4fbd96ff%257C2008ffa9c9b24d979ad94ace25386be7%257C0%257C0%257C637909972969363830%257CUnknown%257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%253D%257C3000%257C%257C%257C%26sdata%3Dvu03JMRB7ox2wDv5pVnCxXFCml6CXopOOBLEyMbiXSk%253D%26reserved%3D0&amp;source=gmail&amp;ust=1656174114622000&amp;usg=AOvVaw1QSg1UYsC7WHfmdWGcKdXV\"><span lang=\"EN-US\">https:\/\/www.canada.ca\/en\/<wbr \/>public-safety-canada\/news\/<wbr \/>2022\/06\/government-introduces-<wbr \/>new-legislation-to-protect-<wbr \/>canadas-cyber-security0.html<\/span><\/a><u><\/u><u><\/u><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><span lang=\"EN-US\"><u><\/u>\u00a0<\/span><span lang=\"FR-CA\">******************************<wbr \/>******************************<wbr \/>******************************<wbr \/>*********************<u><\/u><u><\/u><\/span><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><span lang=\"FR-CA\">Chers intervenants du secteur des transports,<u><\/u><u><\/u><\/span><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><span lang=\"FR-CA\">La pr\u00e9sente vise \u00e0 vous informer qu\u2019une nouvelle loi, la <i>Loi sur la protection des cybersyst\u00e8mes essentiels<\/i>\u00a0(LPCE) a \u00e9t\u00e9 d\u00e9pos\u00e9e au Parlement le 14\u00a0juin\u00a02022, en m\u00eame temps que des modifications ont \u00e9t\u00e9 apport\u00e9es afin d\u2019assurer la s\u00e9curit\u00e9 du syst\u00e8me de t\u00e9l\u00e9communications du Canada (SCTS), ce qui a donn\u00e9 lieu \u00e0 une loi combin\u00e9e intitul\u00e9e,\u00a0<i>Loi sur la cybers\u00e9curit\u00e9,\u00a0<\/i>projet de loi C-26.<u><\/u><u><\/u><\/span><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><span lang=\"FR-CA\">Cette loi se veut une r\u00e9ponse aux demandes de r\u00e9glementation visant la prise de mesures pour contrer les cybermenaces. Ces demandes ont \u00e9t\u00e9 entendues lors des consultations men\u00e9es aupr\u00e8s de l\u2019industrie et du public lesquelles ont men\u00e9 \u00e0 la Strat\u00e9gie nationale de cybers\u00e9curit\u00e9 de 2018. Comme les syst\u00e8mes d\u2019infrastructures essentielles sont de plus en plus num\u00e9ris\u00e9s, automatis\u00e9s et interconnect\u00e9s et les services essentiels g\u00e9r\u00e9s en ligne, les incidents cybern\u00e9tiques ou les attaques contre ces syst\u00e8mes sont susceptibles de compromettre la s\u00e9curit\u00e9 nationale et la s\u00e9curit\u00e9 publique.<u><\/u><u><\/u><\/span><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><b><span lang=\"FR-CA\">Le but de la LPCE<\/span><\/b><span lang=\"FR-CA\">\u00a0est de prot\u00e9ger des cybermenaces, y compris des ran\u00e7ongiciels, les infrastructures canadiennes essentielles sous responsabilit\u00e9 f\u00e9d\u00e9rale. Cette loi \u00e9tablit un cadre r\u00e9glementaire pour prot\u00e9ger les cybersyst\u00e8mes et les services qui soutiennent les infrastructures essentielles de quatre secteurs cl\u00e9s\u00a0:\u00a0 les secteurs des finances, des t\u00e9l\u00e9communications, de l\u2019\u00e9nergie et des transports. Il s\u2019agit notamment de mesures pr\u00e9cises permettant au gouvernement d\u2019obliger que des mesures soient prises pour contrer les cybermenaces. Ces mesures soulignent la responsabilit\u00e9 partag\u00e9e \u00e0 l\u2019\u00e9gard d\u2019un haut niveau de cybers\u00e9curit\u00e9 des services et des syst\u00e8mes sur lesquels les Canadiens comptent. La priorit\u00e9 a \u00e9t\u00e9 accord\u00e9e \u00e0 ces secteurs en raison de leur importance pour les Canadiens et de leur interconnectivit\u00e9 avec d\u2019autres secteurs.<u><\/u><u><\/u><\/span><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><b><span lang=\"FR-CA\">En ce qui concerne le secteur des transports<\/span><\/b><span lang=\"FR-CA\">, la LPCE s\u2019appliquera aux entit\u00e9s du secteur priv\u00e9 relevant de la comp\u00e9tence f\u00e9d\u00e9rale et d\u00e9sign\u00e9es aux termes de la Loi.\u00a0 Pour toute entit\u00e9 d\u00e9sign\u00e9e, les propri\u00e9taires et les exploitants de services et de syst\u00e8mes relevant de comp\u00e9tence f\u00e9d\u00e9rale seront tenus de prot\u00e9ger leurs cybersyst\u00e8mes essentiels au moyen d\u2019un \u00e9change d\u2019information am\u00e9lior\u00e9 et d\u2019autres mesures, dont entre autres\u00a0:<u><\/u><u><\/u><\/span><\/p>\n<ul type=\"disc\">\n<li class=\"m_1692229063863348870wordsection1\"><span lang=\"FR-CA\">l\u2019\u00e9laboration d\u2019un plan de cybers\u00e9curit\u00e9 expliquant comment proc\u00e9der pour prot\u00e9ger les cybersyst\u00e8mes essentiels;<u><\/u><u><\/u><\/span><\/li>\n<li class=\"m_1692229063863348870wordsection1\"><span lang=\"FR-CA\">le signalement de tout incident cybern\u00e9tique au Centre pour la cybers\u00e9curit\u00e9, assurant ainsi une plus grande visibilit\u00e9 des menaces globales dans l\u2019ensemble des secteurs;<u><\/u><u><\/u><\/span><\/li>\n<li class=\"m_1692229063863348870wordsection1\"><span lang=\"FR-CA\">l\u2019att\u00e9nuation des risques pour la cha\u00eene d\u2019approvisionnement, les services fournis par des tiers ou les produits;<u><\/u><u><\/u><\/span><\/li>\n<li class=\"m_1692229063863348870wordsection1\"><span lang=\"FR-CA\">la mise en \u0153uvre des directives relatives \u00e0 la cybers\u00e9curit\u00e9 et \u00e9viter les mesures de non-conformit\u00e9.<u><\/u><u><\/u><\/span><\/li>\n<\/ul>\n<p class=\"m_1692229063863348870wordsection1\"><b><span lang=\"FR-CA\">Les propri\u00e9taires et les exploitants d\u00e9sign\u00e9s auxquels la loi pourrait s\u2019appliquer n\u2019ont pas encore \u00e9t\u00e9 identifi\u00e9s<\/span><\/b><span lang=\"FR-CA\">. Les cat\u00e9gories d\u2019exploitants seront d\u00e9finies \u00e0 la suite de consultations men\u00e9es aupr\u00e8s des intervenants du secteur des transports. La r\u00e9glementation sera \u00e9labor\u00e9e en suivant les \u00e9ch\u00e9anciers standards pour l\u2019\u00e9laboration de r\u00e8glements.<u><\/u><u><\/u><\/span><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><span lang=\"FR-CA\">Transports Canada agira \u00e0 titre d\u2019organisme de r\u00e9glementation en ce qui a trait \u00e0 la conformit\u00e9 aux exigences de la LPCE et veillera \u00e0 l\u2019adoption d\u2019une approche ax\u00e9e sur la consultation aupr\u00e8s des divers modes de transport lors de l\u2019\u00e9laboration des r\u00e8glements connexes. Les repr\u00e9sentants de Transports Canada veilleront \u00e9galement \u00e0 ce que les intervenants soient d\u00fbment inform\u00e9s des exigences qui pourraient les concerner \u00e0 l\u2019avenir.<u><\/u><u><\/u><\/span><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><span lang=\"FR-CA\">D'autres mises \u00e0 jour cl\u00e9s sur cette loi seront fournies. Si vous avez des questions ou des pr\u00e9occupations, veuillez acheminer un courriel \u00e0 : <a href=\"mailto:mvs-sa@tc.gc.ca\" target=\"_blank\" rel=\"noopener\">mvs-sa@tc.gc.ca<\/a>.<u><\/u><u><\/u><\/span><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><span lang=\"FR-CA\">Pour plus d'informations sur la nouvelle l\u00e9gislation, veuillez \u00e9galement consulter le site :<u><\/u><u><\/u><\/span><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><span lang=\"EN-US\"><a href=\"https:\/\/can01.safelinks.protection.outlook.com\/?url=https%3A%2F%2Fwww.canada.ca%2Ffr%2Fsecurite-publique-canada%2Fnouvelles%2F2022%2F06%2Fle-gouvernement-depose-une-nouvelle-loi-pour-proteger-la-cybersecurite-canadienne0.html&amp;data=05%7C01%7CVictoria.Gilchrist%40tc.gc.ca%7C55867ac1320b475c8df108da4fbd96ff%7C2008ffa9c9b24d979ad94ace25386be7%7C0%7C0%7C637909972969363830%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=3nuVhOIINPctPqoPinSHSpU%2BNEyEZTWJCOcSJ4eKMdc%3D&amp;reserved=0\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/can01.safelinks.protection.outlook.com\/?url%3Dhttps%253A%252F%252Fwww.canada.ca%252Ffr%252Fsecurite-publique-canada%252Fnouvelles%252F2022%252F06%252Fle-gouvernement-depose-une-nouvelle-loi-pour-proteger-la-cybersecurite-canadienne0.html%26data%3D05%257C01%257CVictoria.Gilchrist%2540tc.gc.ca%257C55867ac1320b475c8df108da4fbd96ff%257C2008ffa9c9b24d979ad94ace25386be7%257C0%257C0%257C637909972969363830%257CUnknown%257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%253D%257C3000%257C%257C%257C%26sdata%3D3nuVhOIINPctPqoPinSHSpU%252BNEyEZTWJCOcSJ4eKMdc%253D%26reserved%3D0&amp;source=gmail&amp;ust=1656174114622000&amp;usg=AOvVaw0_wukyxX1SPkX8jxdc6H2O\"><span lang=\"FR-CA\">https:\/\/www.canada.ca\/fr\/<wbr \/>securite-publique-canada\/<wbr \/>nouvelles\/2022\/06\/le-<wbr \/>gouvernement-depose-une-<wbr \/>nouvelle-loi-pour-proteger-la-<wbr \/>cybersecurite-canadienne0.html<\/span><\/a><\/span><u><\/u><u><\/u><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><span lang=\"FR-CA\"><u><\/u>\u00a0<u><\/u><\/span><\/p>\n<p class=\"m_1692229063863348870wordsection1\"><b><span lang=\"FR-CA\"><u><\/u>\u00a0<\/span><\/b><\/p>","protected":false},"excerpt":{"rendered":"<p>**\u202fLe texte fran\u00e7ais suit l\u2019anglais\u202f**\u202f\u00a0 Dear Transportation Stakeholders, This is to inform you of new legislation, the Critical Cyber Systems Protection Act\u00a0(CCSPA), introduced in Parliament on June 14, 2022, alongside amendments to\u00a0Securing Canada\u2019s Telecommunications System\u00a0(SCTS) resulting in the combined Act,\u00a0An&#8230;<\/p>\n","protected":false},"author":1299,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","footnotes":""},"categories":[174],"tags":[],"class_list":["post-16075","post","type-post","status-publish","format-standard","hentry","category-partner-news"],"acf":[],"_links":{"self":[{"href":"https:\/\/carsp.ca\/en\/wp-json\/wp\/v2\/posts\/16075","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/carsp.ca\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/carsp.ca\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/carsp.ca\/en\/wp-json\/wp\/v2\/users\/1299"}],"replies":[{"embeddable":true,"href":"https:\/\/carsp.ca\/en\/wp-json\/wp\/v2\/comments?post=16075"}],"version-history":[{"count":3,"href":"https:\/\/carsp.ca\/en\/wp-json\/wp\/v2\/posts\/16075\/revisions"}],"predecessor-version":[{"id":16078,"href":"https:\/\/carsp.ca\/en\/wp-json\/wp\/v2\/posts\/16075\/revisions\/16078"}],"wp:attachment":[{"href":"https:\/\/carsp.ca\/en\/wp-json\/wp\/v2\/media?parent=16075"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/carsp.ca\/en\/wp-json\/wp\/v2\/categories?post=16075"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/carsp.ca\/en\/wp-json\/wp\/v2\/tags?post=16075"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}