Communications Security Establishment Canada Annual Report 2024-2025

Arctic sovereignty

CSE works hard alongside domestic and international partners to support Canada’s security and sovereignty in the Arctic—a priority for the Government of Canada. Canada’s new Arctic Foreign Policy cites CSE as a key partner in bridging the intelligence gap to address the complex range of threats facing the Arctic, and we continue to invest to meet the growing demand for intelligence from a variety of Arctic stakeholders. We work closely with domestic partners and international allies to provide foreign intelligence and advance partnerships in areas such as cyber defence, economic security and countering foreign interference.

This year, we shared 196 intelligence reports on Arctic security with 20 Government of Canada departments and with Canada’s international allies. These reports included information on foreign states’ political intentions, military capabilities, technological advancements, economic interests and research activities in the region. CSE also actively pursues intelligence on foreign cyber actors seeking to exploit and compromise systems related to the Arctic.

Border security and illicit synthetics

In December 2024, the Government of Canada announced its plan to strengthen border security and Canada’s immigration system. Specifically, the government announced an investment of $180M over 6 years to expand CSE’s intelligence collection and foreign cyber operations capacity, enabling CSE to target transnational organized crime and fentanyl trafficking more effectively. CSE’s vital intelligence relationships—within the Government of Canada and with international partners—are an asset as we put Canada’s Border Plan into action.

This year, we developed new campaigns to identify and disrupt transnational criminal networks responsible for fentanyl and synthetic opioid supply chains into Canada. We are working closely with domestic and international partners to achieve this priority objective.

We remain closely engaged with our Five Eyes partners, particularly with US counterparts, to share information and coordinate operations aimed at disrupting the transnational criminal networks involved in the supply chain of illicit synthetics. CSE is proud of our strong allied partnerships, which are crucial to our collective security.

Hostile state activity

CSE’s foreign intelligence provides important information and insights to support Canadian and allied efforts to counter activities of hostile states. This year, our foreign intelligence reporting continued to provide the Government of Canada and allies with analysis to support:

• monitoring for foreign interference activities and strengthening democratic processes
• securing Canada’s innovation ecosystem from foreign disruption
• hardening critical infrastructures against sophisticated espionage attempts

Cybercrime

Cybercrime remains a persistent, widespread and disruptive threat, sustained by a thriving and resilient global cybercrime ecosystem. CSE continues to monitor and analyze the foreign cybercrime threat ecosystem to enrich Canada’s and Five Eyes partners’ knowledge of cybercrime threat actors and the fluidity of the cybercrime ecosystem.

CSE produces intelligence on the tactics, techniques and procedures used by foreign-based cyber criminals and state actors. This intelligence provides the Cyber Centre with high-confidence data to disrupt attempts to scan and breach Government of Canada systems and other systems of importance.

This year, we identified thousands of indicators of compromise, which helped to defend Government of Canada networks and facilitate timely victim notifications. We also leveraged our SIGINT capabilities to inform operations led by international law enforcement to disrupt and dismantle foreign-based financially motivated cyber criminal groups.

Countering violent extremism

CSE works to identify the activities of foreign-based extremists who pose a threat to Canada and our allies. We provide valuable foreign intelligence to protect Canadians and Canadian interests from terrorism and violent extremism. This includes threats from religiously motivated violent extremism (for example, al-Qaeda and Daesh affiliates) and ideologically motivated violent extremism (for example, xenophobic, anti-authority, gender identity–driven and grievance-driven extremist ideologies).

This year, our efforts to counter violent extremism extended to supporting victims of kidnappings, reporting on extremist threats to allies, and covering threats to public events and to Canadian embassies and missions. Other examples of our efforts in this space this year include:

• working closely with domestic partners to provide critical information on foreign extremists aiming to direct attacks in Canada
• identifying threat actors responsible for bombs threats against entities in Canada
• working with domestic and international partners to produce foreign intelligence that identified foreign threat actors seeking to influence or inspire “lone-wolf” attackers in Canada and abroad
• helping international partners, on multiple occasions, to mitigate and disrupt violent extremist threats in their countries
• monitoring extremist threats to international events
• creating a surge team that worked with multiple foreign partners to defend against threats to the 2024 Paris Olympic Games

Support to military operations

CSE plays a vital role in supporting military operations by providing time-sensitive warnings and situational awareness to ensure the safety of CAF personnel during deployments and exercises. This year, we delivered timely intelligence for many named operations, including operations unifier, reassurance and horizon. This included providing foreign intelligence that:

• identified counter-intelligence threats to CAF personnel
• assisted in the evacuation of Canadians from conflict zones
• examined the activities of state-owned enterprises with links to military end-use, especially those capable of targeting Canadian operations and exercises
• identified enemy electronic warfare tactics, techniques and procedures to provide CAF with more insight on adversarial electronic warfare systems

This year, CSE supported an intelligence effort to identify legitimate business entities covertly supporting the military, political and commercial goals of foreign governments to disrupt CAF and allied operations.

Additionally, CSE continued to work to identify command, control, communications, computers, intelligence, surveillance, reconnaissance and targeting by foreign adversaries that could pose a threat to Canadian and allied forces conducting operations.

CSE also provides valuable intelligence to partner forces. Our intelligence efforts this year enabled CAF to inform partner forces of adversarial intent and capabilities, and to provide force protection to deployed personnel.

Countering ransomware

This year, CSE stood up a campaign to counter the 10 most significant ransomware groups impacting Canada and our allies.

We also participated in a multinational operation aimed at disrupting the activities of a ransomware actor. CSE used a variety of covert techniques to degrade and disrupt the illicit operations of this group, significantly impacting the group’s ability to target Canadians.

Disrupting violent extremist organizations

In addition to enabling real-world disruptions of foreign extremist activities, CSE intelligence informed our active cyber operations against VEOs. Using a multi-faceted approach that targeted VEOs’ technical infrastructure and online presence, CSE conducted active cyber operations to:

• damage the credibility and influence of key group leaders, reducing their ability to inspire and lead
• Weaken trust and reduce cohesion between leaders and followers, undermining the unity and strength of these organizations
• highlight the legal and personal risks associated with engaging in VEO activities, potentially deterring individuals from involvement
• remove violent and extremist content from online platforms, denying VEOs a vital tool for radicalization and recruitment

Collectively, these actions weakened the online presence and influence of VEOs, making it harder for them to operate and reducing the threat they pose to Canada and our allies.

National Cyber Threat Assessment 2025-2026

The National Cyber Threat Assessment (NCTA) 2025-2026 outlines key cyber threats from state adversaries, cybercrime threats, and trends shaping Canada’s cyber threat landscape. The NCTA contains 6 key judgments:

• Canada’s state adversaries are using cyber operations to disrupt and divide
• the PRC’s expansive and aggressive cyber program presents the most sophisticated and active state cyber threat to Canada today
• Russia’s cyber program furthers Moscow’s ambitions to confront and destabilize Canada and our allies
• Iran uses its cyber program to coerce, harass and repress its opponents, while managing escalation risks
• the Cybercrime-as-a-Service business model is almost certainly contributing to the continued resilience of cybercrime in Canada and around the world
• ransomware is the top cybercrime threat facing Canada’s critical infrastructure

Cyber Threats to Canada’s Democratic Process

In March 2025, CSE published an update on cyber threats to Canada’s democratic process, highlighting the growing use of AI by foreign adversaries to target elections worldwide, including in Canada. The report outlined the following key findings:

• foreign actors, particularly those affiliated with Russia and the PRC, are leveraging AI to sow division and distrust within democratic societies
• hostile foreign actors are using AI to flood the information environment with false information, including by enabling the creation of disinformation and of social botnets to spread it
• foreign actors are increasingly using generative AI to create and spread viral disinformation with the potential for greater impact as these methods evolve and become even more accessible
• cybercriminals and state-sponsored actors will likely use AI to enhance social engineering attacks against political figures and electoral institutions in the near future
• nation states are collecting massive amounts of data and are using AI to analyze it faster than ever, further enhancing their ability to conduct targeted influence and espionage campaigns
• AI is being used to create deepfake pornography targeting politicians and public figures, predominantly women and 2SLGBTQI+ people

During the first week of the update’s release, the report’s page was visited almost 2,000 times and related social media posts had over 16,000 views. The report received widespread news coverage in major media outlets—reaching an estimated audience of over 13 million people.

Support to federal institutions

CSE and the Cyber Centre continued to support federal institutions this year to respond to cyber incidents, mitigate cyber threats, brief departments that experienced cyber incidents, and generally enhance cyber resilience across the federal landscape. We worked with 150 Government of Canada organizations and delivered comprehensive briefings focused on small departments and agencies, which were identified as being at increased risk of cyber threats and attacks.

Throughout the year, we provided various support and services to federal institutions to help increase cyber resilience across the federal government landscape. This included:

• delivering advice and guidance
• conducting supply chain integrity assessments
• supporting secure communications capabilities
• monitoring and producing threat assessments in support of high-impact, high-priority and high-risk government projects, services and initiatives
  • for example, Shared Services Canada’s Endpoint Visibility Awareness and Security, the Government of Canada’s Secret Infrastructure Next Generation, and the Employment and Social Development Canada (ESDC) Benefits Delivery Modernization program

Support to provinces and territories

Cyber threat actors like the PRC almost certainly view provincial, territorial, Indigenous and municipal governments as valuable targets for cyberespionage. Cyber threat activity targeting these levels of government likely mirrors the ongoing activity targeting the Government of Canada. All government networks hold information on decision-making and regional affairs, as well as personal information of Canadians.

Increasing cyber security collaboration with the provinces and territories remains a top priority for CSE. We are working with provincial and territorial partners to mitigate ongoing compromises and to warn of potential malicious cyber threat activity from sophisticated actors. We are also enabling other levels of government to better assess threats and remediate compromises to their systems.

In 2024 to 2025, following a series of cyber incidents targeting northern institutions, and with the Minister’s authorization, the Cyber Centre began proactively deploying sensors to territorial government IT assets in Yukon, the Northwest Territories and Nunavut. These sensors detect malicious cyber activity in devices at the network perimeter and in the cloud. They are one of the Cyber Centre’s most important tools for defending systems of importance to the Government of Canada.

Support to critical infrastructure

Ensuring that we continue to develop strong partnerships with critical infrastructure is vital in preventing disruptions that could have widespread and severe consequences to Canadians. We establish strategic partnerships with Canada’s critical infrastructure owners and operators to share advanced cyber threat information, promote the integration of cyber defence technology and foster strong engagement.

This year, we collaborated and built partnerships with critical infrastructure in the following ways:

• collaborating with mobile network operators and global security experts to identify emerging threats and initiate activities to increase the cyber resilience of Canadian 5G networks
• participating in over 200 speaking engagements across critical infrastructure sectors such as:
  • energy (electricity, oil, mining, nuclear)
  • small and medium organizations
  • water
  • defence industrial base
  • health
  • transportation
  • finance
  • telecommunications and information and communication technology
• providing 38 biweekly threat briefings, each of which had over 600 participants, for IT security professionals in Canada’s critical infrastructure sectors
• participating in 13 tabletop exercises
• holding 7 “walk-the-talk” sessions to provide actionable information and expert briefings on technical topics like AI, the quantum threat and post-quantum cryptography, and cybercrime

Communications security

We are Canada’s communications security (COMSEC) authority. Through our information assurance mandate, we continue to evolve our COMSEC program thanks to a collaborative and supportive COMSEC community that stretches across the Government of Canada.

As part of our secure communications program, we soft-launched the Trusted Integrator program this year. This program recognizes third-party IT security organizations that have demonstrated knowledge and experience in the development, implementation and testing of secure tailored solutions.

This year, CSE also hosted our annual Secure Communications User Group workshop, bringing together operational and strategic COMSEC communities to identify synergies, improve workflows and reinforce secure practices.

Our COMSEC team also hosted Chief Security Officers and departmental and enterprise COMSEC authorities at a classified event to discuss the evolving cryptographic landscape and the importance of collaboration to stay ahead of threats.

Preparing for quantum safe cryptography

Cryptography is a fundamental part of cyber security and is essential to keeping data and communications secure. However, as early as the 2030s, quantum computers are expected to become large enough to break the cryptography currently in use worldwide.

At CSE, we don’t panic, we plan. Through our information assurance mandate, CSE continues to modernize our cryptographic systems. We also took many steps to educate government, industry and critical infrastructure partners on the quantum threat and to help stakeholders prepare for the transition to post-quantum cryptography. Some key activities this year included:

• publishing updated cryptography guidance
• continuing to contribute to the international standardization process for quantum-safe cryptography; for example, by providing public feedback on 3 draft standards led by the US National Institute of Standards and Technology
• working with federal partners to plan for the rollout of quantum-safe cryptography across the Government of Canada once the international standards are finalized
• providing over 30 briefings to government, industry and critical infrastructure partners on the quantum threat and how to prepare for the quantum-safe transition, including briefings on the importance of using standardized and validated cryptography to prevent unnecessary security vulnerabilities
• participating in Migration to Post-quantum Cryptography Industry Day by delivering a presentation to key industry partners on the Government of Canada’s transition strategy for post-quantum cryptography

Incident management

This year, the Cyber Centre helped respond to 2,561 cyber security incidents across the Government of Canada (1,155) and Canadian critical infrastructure (1,406). This was an increase over last year (2,192 incidents), largely due to an increase in cases targeting critical infrastructure.

The Cyber Centre also received 843 cyber incident reports from federal institutions (463) and Canadian critical infrastructure (380).

The Cyber Centre’s definition of a cyber incident covers a wide range of attempted threat activity, whether successful or not.

Pre-ransomware notifications

Pre-ransomware notifications provide early warning to potential victims during the initial access stage of a ransomware incident. They enable network defenders to pinpoint the compromise and thwart it before any encryption or data theft occurs.

This year, the Cyber Centre issued 336 pre-ransomware notifications to 309 Canadian organizations. The would-be victims included every level of government and key sectors, such as healthcare, energy, manufacturing, finance and education.

Pre-ransomware notifications rely on 3 key sources of information:

• Cyber Centre research into the behaviour of malware and its related infrastructure
• collaboration with trusted industry partners
• collaboration with the US-led Joint Ransomware Task Force

Support to missions in the Middle East

During a year of war and upheavals in the Middle East, COPCC liaised with other Government of Canada departments and shared information on the conflict in Lebanon, the overthrow of the Assad regime in Syria, and the overall Middle Eastern geopolitical situation.

Additionally, COPCC coordinated CSE’s support for commercial flight options for Canadians evacuating Lebanon and prepared for a possible non-combatant evacuation due to the Israel-Hezbollah conflict.

Support to the Paris 2024 Olympic Games

COPCC coordinated CSE’s cyber security and intelligence efforts to ensure the security of the Olympic and Paralympic games in the summer of 2024. This included liaising with the Cyber Centre to deliver effective cyber security briefings to key stakeholders and attendees and engaging with international partners to share information and postures in support of the event.

Cyber security assistance to Ukraine and Latvia

The Cyber Centre has been working to support Ukraine and Latvia with cyber security since 2022, when the Minister of National Defence designated the cyber systems of these countries as being of importance to Canada.

CSE’s Artificial Intelligence Strategy

This year, we launched the CSE Artificial Intelligence Strategy. This foundational document focuses on purposeful innovation, equipping our workforce, and expanding partnerships across industry, academia and with international allies.

The CSE AI Strategy is built on a 3+4+1 framework. Three key commitments define our purpose: innovating and integrating AI for national security, championing responsible and secure AI, understanding and countering the threat of malicious AI use. Four cornerstones—people, partnerships, ethics and infrastructure—underpin our efforts. And one unified AI effort will guide implementation, fostering a cohesive approach as we evolve our ways of working to achieve the strategy’s objectives.

Long description - CSE’s “3+4+1” AI Strategy Framework

This image present the strategic vision built around harnessing the power of artificial intelligence (AI) while ensuring its responsible use.

It begins with three commitments, acting as guiding principles:

1. Innovating and integrating AI for national security.
2. Championing responsible and secure AI .
3. Understanding and countering the threat of malicious AI use.

To support these commitments, the framework is built on four cornerstones, representing the foundation of success:

1. People: Skilled individuals are at the heart of this effort, bringing expertise, creativity, and adaptability.
2. Partnerships: Collaboration with stakeholders, whether within the organization or across industries and governments, is essential for progress.
3. Ethics: A commitment to ethical practices ensures trust, transparency, and fairness in AI applications.
4. Infrastructure: Robust systems and resources are necessary to enable the seamless integration and effective functioning of AI technologies.

All these components converge into a unified effort: a vision of an organization committed to evolving and adapting to remain ready for the opportunities and challenges posed by AI .

The CSE AI Strategy empowers our workforce to use AI responsibly and provides our team with a unique skillset in the federal government. It also complements wider Government of Canada priorities, such as the Canadian Artificial Intelligence Safety Institute (CAISI) and the AI Strategy for the Federal Public Service.

CSE is committed to building and using AI capabilities ethically, responsibly and securely—addressing AI’s risks while maximizing its benefits.

Leveraging data science and artificial intelligence for in-house innovation

CSE hosts an annual workshop where participants from Canada and the Five Eyes work to solve complex problems facing the SIGINT community. This year, many teams used AI and data science to build new tools capable of analyzing very large datasets to automate tedious daily tasks and augment analysis capabilities.

As a result of this year’s workshop, CSE implemented a Retrieval-Augmented Generation (RAG) prototype on analyst training material to enhance analytical processes and improve efficiency. This revolutionized the analyst learning experience, providing analysts with instant access to information and accelerating their skills development.

Other exciting workshop outcomes included:

• applying data science techniques to explore datasets and reveal valuable insights about the intentions of malicious cyber actors
• implementing semantic search and topic modelling for rapid data triage to quickly identify and prioritize critical intelligence, leading to better reporting

Contributing to Government of Canada efforts in artificial intelligence

As a leader in AI research and innovation, CSE contributes to various efforts across the Government of Canada to assess AI risks and mitigations to ensure robust and secure AI deployment. In 2024 to 2025, this work included:

• serving as a member of the ESDC Benefits Delivery Modernization Innovation Office
• participating in the Shared Services Canada AI Governance Working Group
• providing strategic direction on plans, priorities and research projects for CAISI

Outreach activities related to artificial intelligence

To address growing concerns around AI threats, CSE and the Cyber Centre have been actively engaging with various stakeholders. This year, we delivered presentations to diverse audiences, including:

• the Federal-Provincial-Territorial Conference
• Alberta Energy
• BHP Saskatoon
• Elections Canada
• senior Government of Canada executives

These presentations covered topics such as AI threats, mitigation strategies, deployment considerations, phishing, malware and deepfakes.

Testing Microsoft 365 Copilot

Like many other workplaces across Canada, CSE is exploring how AI can increase efficiencies and support our teams. This year, through Microsoft’s Early Access Program, 300 users across CSE piloted Microsoft Copilot and Personal Assistant. Pilot participants ranged from working-level employees to executives.

CSE was able to tailor the tool to our specific functions, maintaining our secure environment and need-to-know posture, all while continuing to protect sensitive information. This pilot allowed CSE employees to test out a range of different ways to securely apply AI to support their work activities.

SIGINT Canada project

This year, CSE undertook a groundbreaking initiative in data and information stewardship through the SIGINT Canada project. This project transformed the collection, management and secure sharing of sensitive data within Canada’s national security infrastructure.

SIGINT Canada modernized IT infrastructure and streamlined the sharing of critical data and services between CAFCYBERCOM and CSE. By integrating advanced technologies, SIGINT Canada has enhanced the efficiency, security and interoperability of critical data-sharing systems across Canada’s civilian and military SIGINT communities.

Key achievements of the SIGINT Canada project include:

• improved data sharing: deploying a standardized infrastructure across various agencies for secure, real-time access to critical data and services from multiple endpoints, improving collaboration and decision-making
• operational efficiency: introducing new systems and processes to streamline data management, which reduced complexity and increased the speed of decision making
• strengthened security: implementing advanced cyber security measures, which ensured that sensitive data was securely managed, shared and protected across high-security networks and international partners
• enhanced interoperability: creating a unified service delivery model that allowed for greater data integration and cross-agency collaboration, which facilitated smoother communication and data exchange between government entities and international partners

Expansion of Canada’s Top Secret Network

Departments across the Government of Canada increasingly need to access intelligence to fulfill their mandates and deliver on their operational activities. As a result, CSE has seen continued growth and an increasing demand for Top Secret network services.

CSE operates Canada’s Top Secret Network (CTSN), a secure IT network used to collaborate and communicate at the Top Secret level. This year, CSE supported major site expansions for existing CTSN clients, including the National Security and Intelligence Review Agency (NSIRA), PCO, Justice Canada and the RCMP, resulting in a 20% increase of deployed endpoints.

In the upcoming year, CSE will onboard 3 new government departments to CTSN:

• Environment and Climate Change Canada
• Public Prosecution Service of Canada
• Office of the Commissioner of Canada Elections

CSE also deployed a significant number of its Top Secret terminals at cafcybercom and its satellite stations across Canada, and in support of deployed military operations.

Tutte Institute for Mathematics and Computing

Over the past year, the Tutte Institute for Mathematics and Computing (TIMC) continued to develop foundational theory, innovative techniques and effective tooling in its 2 focus areas: cryptography and data science.

Where possible, TIMC makes its tools available publicly, publishes results in academic journals and presents at conferences. This year, TIMC contributed to the academic community by:

• publishing 12 journal articles
• producing 5 software releases of new or significantly updated code
• organizing 3 conferences
• editing 1 conference proceedings
• conducting a podcast interview and participating in multiple panel discussions
• giving 3 invited talks and 7 presentations at external conferences
• holding positions on the Canadian Mathematical Society Board and committees

Software libraries from TIMC averaged over 2.5 million downloads per month.

Vulnerability Research Centre

Through our Vulnerability Research Centre (VRC), CSE continues to conduct applied vulnerability research in support of our mandate and those of our federal partners. Over the last year, we discovered numerous vulnerabilities and responsibly disclosed 10 vulnerabilities to the affected vendors.

This year, the VRC partnered with Ontario Tech University and the University of Toronto for the first time. The VRC also continued its partnership with Concordia University to improve vulnerability research tooling.

GeekWeek 9

For the 9th year in a row, the Cyber Centre hosted GeekWeek, an annual unclassified workshop that brings together key players in the field of cyber security to generate solutions to vital problems facing the industry. This year’s theme was Animating cyber security. The Cyber Centre was happy to welcome participants from government, the private sector, critical infrastructure, and international partners.

Online learning and training

The Cyber Centre Learning Hub provides training in cyber security and communications security. Services are available to those working within the Government of Canada, other levels of governments, critical infrastructure organizations, small and medium organizations and educators. This year, total enrollment for Learning Hub courses reached 11,895.

Get Cyber Safe campaign

CSE shares cyber security advice directly with Canadians through our Get Cyber Safe public awareness campaign. Get Cyber Safe offers simple, practical tips to help Canadians protect themselves as they go about their lives online.

Get Cyber Safe produced over 46 new resources this year, expanding guidance on a range of cyber security topics, including:

• expanding our romance scam content with a quiz on how your love language can help you get cyber safe and a blog post outlining romance scam tactics to watch for
• adding new resources on e-transfer fraud
• providing new information on staying safe with payment methods, in partnership with the Canadian Anti-Fraud Centre
• creating a video that shows Canadians how to report spam text messages on their devices

We also added resources on the new ways that cyber criminals are using AI to trick people into falling for their scams, and some practical tips on how to stay safe:

• The next generation: Spotting content created with artificial intelligence
• Recognize AI: 9 ways to spot AI content online
• How cyber criminals are using AI for online threats
• Why you should never give your personal information to AI

Cyber Security Awareness Month

Every October, CSE leads Cyber Security Awareness Month (Cyber Month) in Canada. This year’s theme was “Generation Cyber Safe: Because online security knows no age.” The campaign encouraged Canadians from all walks of life to take simple, meaningful steps to protect themselves online. From likable videos to catchy jingles and cross-platform content, the campaign was a national conversation starter.

National partners from both private and public sectors helped to co-create and share content, and over 300 organizations used our Cyber Month content to connect to their audiences. We are proud of the reach and impact of this year’s campaign. Over the course of Cyber Month, the campaign’s content:

• was seen over 293,000 times
• was shared by 410 unique social media accounts
• generated 26 million impressions and reached 3.8 million users
• generated 73,081 website visits, up from 63,338 in the previous year

Cyber Readiness Goals

This year, we introduced the Cyber Security Readiness Goals (CRGs), realistic and achievable goals to strengthen the cyber security of Canadian organizations, particularly critical infrastructure organizations.

The CRGs outline key objectives and important steps that organizations can take to improve the cyber security posture of both information technology and operational technology systems in the face of increasingly complex and evolving cyber security threats.

Composed of 36 foundational and voluntary goals, the CRGs consolidate baseline advice and guidance from the Cyber Centre on preventing, detecting and responding to cyber security threats.

The Cyber Centre has already delivered briefings on the CRGs to over 1,000 partners from a variety of key sectors, including energy, finance and transport.

Guidance publications

Another important service that CSE and the Cyber Centre provide to keep Canadians informed is publishing guidance on threats, mitigation techniques and more to our Cyber security guidance webpage. These publications target a range of audiences, including the Canadian general public, IT practitioners, federal and provincial democratic institutions, private sector executives and allies.

We published 29 cyber security guidance publications this year, plus another 20 joint endorsement publications with our Five Eyes partners.

Community outreach

Our growing community outreach program includes sponsoring not-for-profit programs, volunteer opportunities and in-school workshops for elementary and high school students to encourage the development of science, technology, engineering and math (STEM) skills and interest in STEM careers. The program aims to create opportunities in STEM for groups that may face barriers and that are underrepresented in the field. Some of the programs and events that we sponsored this year include:

• Hackergal
• CyberSci
• BlackBoys Code
• Raspberry Pi

This year, the Cyber Centre also hosted the CyberSci National Championships, which included 100 student participants. This was our third year sponsoring and coaching Team Canada, which won first place in the guest category at the European Cybersecurity Challenge 2024 for the third year in a row!

Promoting cyber security awareness among Indigenous communities

The Cyber Centre engages with Indigenous communities to enhance overall cyber security awareness and resilience. By promoting best practices, encouraging strong cyber hygiene and supporting local capacity building, these efforts help strengthen digital safety and support community-driven approaches to cyber security.

In March 2025, Manitoba First Nations SchoolNet hosted a Cyber Security Workshop in Churchill, Manitoba. The workshop brought together over 30 Indigenous youth aged 18 to 24, representing First Nations communities across the province. All participants were interns supporting their communities with IT, connectivity and digital initiatives.

The Cyber Centre delivered a hands-on session focused on cyber safety and awareness. This initiative aimed to equip youth with practical cyber security skills to strengthen digital resilience in their communities, while also advancing digital equity and connectivity across Manitoba’s First Nations communities.

Engaging with the wider Government of Canada

Beyond operational engagement, we engaged with over 150 Government of Canada organizations this year to coordinate services and enhance cyber resilience across the federal landscape. This included:

• 25 one-on-one briefings with federal organizations
• bimonthly standing briefings open to all Government of Canada IT and cyber security teams and senior executives

The Cyber Centre launched a Government of Canada–wide Community of Interest call, establishing a platform for knowledge-sharing between the Cyber Centre and IT and cyber security professionals across the Government of Canada. This initiative supports government-wide cyber security strategies by providing insights on emerging cyber threats targeting the Government of Canada, sharing updates on key Cyber Centre initiatives, and highlighting critical programs that enhance the government’s cyber security posture.

To increase awareness across the Government of Canada of its services, the Cyber Centre also published its first-ever brochure this year. The brochure was disseminated across the Government of Canada and included explanations of all the Cyber Centre can offer, as well as relevant contact information.

Cyber security briefing for Canadian journalists

This year, we were pleased to host a cyber security briefing for Canadian journalists. This unclassified, in-person briefing coincided with the publication of Mitigating cyber threats with limited resources: Guidance for civil society, a joint publication between CSE and international partners that warned the civil society sector about real and growing threats to their cyber security. Attendees represented a diverse group of accredited media organizations from across the country.

The briefing was not for news coverage. Instead, our intent was to provide attendees with useful information to improve their personal and professional cyber security. In total, 15 journalists attended the briefing, which was delivered in both official languages.

Montreal National Presence pilot project

In August 2024, the Cyber Centre opened an office in Montreal, its first office outside of the National Capital Region. We aim to work closely with local partners in cyber security and critical infrastructure within the Montreal region to deliver programs and services, cultivate relationships, and facilitate information exchange. In addition to promoting partnerships with critical infrastructure and other key stakeholders, this pilot project will allow us to assess the impact and benefit of further expanding CSE’s national presence, including exploring the possibility of expanding to other locations in Canada. 

Certified Inclusion Professional

This year, CSE hired a Certified Inclusion Professional who ensures that all external recruitment communications elements and materials are reviewed with a Gender-based Analysis Plus (GBA Plus) lens, promoting fairness and accessibility. This has also led to initiatives like dedicated parking for pregnant employees.

Indigenous Career Navigator

CSE was thrilled to welcome our first Indigenous Career Navigator this year. The Indigenous Career Navigator works with Indigenous employees and applicants to help them navigate their career paths and set and achieve professional goals. They also collaborate with managers to ensure Indigenous employees are considered in all hiring and staffing decisions, including promotions and mentorship opportunities.

Sponsorship program for racialized and Indigenous employees

In 2023, CSE launched a sponsorship program for racialized and Indigenous employees, which resulted in 90% of participants earning merit-based career-advancing development opportunities. This year, CSE relaunched the program and expanded it to include persons with disabilities.

The relaunched program has almost double the number of proteges of the original pilot program and welcomed proteges at all career stages. For example, 48% reported being at an early stage in their career and 26% said they were at a later stage. In terms of self-declaration,

• 15% self-identified as being neurodiverse or a person with a disability
• 11% self-identified as Indigenous
• 18% self-identified as Black
• 56% self-identified as racialized

Security program updates

Security is paramount to CSE operations, and our security processes and policies need to reflect our values and priorities. Over the past year, our security team has worked closely with internal partners to enhance the inclusivity and transparency of CSE’s security processes, all while preserving the integrity of these processes. These consultations led to a number of encouraging results:

• The security interview process was updated to improve inclusivity
• The security screening questionnaire was reviewed through a GBA Plus lens to identify and remove potentially biased elements, ensuring equal access and fair treatment across all groups
• Job posters for security positions were reviewed, and our security teams were diversified to foster equitable hiring and break down systemic barriers

In addition, this year, CSE completed its participation in the NSIRA review of the polygraph program. CSE will continue to implement new and improved practices to strengthen the security process, ensuring it remains robust while safeguarding the privacy of all applicants.

Bilingualism and official languages

CSE takes great pride in being a workplace where people feel free to express themselves in the official language of their choice. Linguistic duality and bilingualism in the workplace remain priorities for CSE, and we are proud of our achievements this year, which include:

• developing new procedures for hosting events to ensure a parallel experience in both official languages
• investigating and experimenting with simultaneous translation capabilities for virtual and in-person events
• adding accents to names in Outlook and Teams
• taking proactive human resources measures to prepare for upcoming changes to the Official Languages Act

CSE’s Réseau franco affinity group also began working with the Official Languages team to develop a vision and plan for official languages at CSE. Furthermore, our Centre of Expertise in Second Language Learning continued to provide a variety of tools and resources to help employees build skills and confidence in their second language.

Inclusivity in our external representation

CSE’s passion for championing EDIA extends beyond the walls of our buildings. We worked hard this year to embed EDIA into every facet of our work, including our parliamentary appearances and participation in external events. For example:

• including pronouns and a land acknowledgement in opening remarks for parliamentary appearances
• building knowledge on parliamentary engagements and encouraging diverse members of CSE’s leadership community to consider themselves as potential candidates for parliamentary appearances, resulting in many first-time appearances
• steadily increasing EDIA items in programs and agendas of major multilateral gatherings
• considering diversity of representation when selecting delegations for representation abroad
• opening new avenues for Five Eyes collaboration through the first Five Eyes EDIA Summit, which enabled us to leverage and share best practices at a partnership level and opened pathways to future knowledge exchange
• starting to embed EDIA best practices at an institution level in our Five Eyes partnerships through 2 EDIA-specific delegations

Gender-based Analysis Plus

GBA Plus has been transformative for CSE, shaping our organizational culture and enhancing our policies. GBA Plus training is mandatory for all staff, which has helped our entire workforce develop an understanding of how gender and intersectional factors like age, ethnicity and ability influence experiences and outcomes. This foundational knowledge has strengthened CSE’s capacity to identify biases and barriers within our processes, ultimately leading to more inclusive practices.

Here are some of the ways that we integrated GBA Plus into our work this year:

• applying GBA Plus to our Treasury Board submissions, operational policies and the application of the Duty to Accommodate policy to promote inclusivity and address systemic barriers, creating policies that are both equitable and practical
• integrating GBA Plus into our Memoranda to Cabinet and decision-making processes to ensure that we consider the intersectionality and experiences of Canadians, fostering better mission outcomes
• embedding GBA Plus into our Code of Conduct to reinforce CSE’s commitment to EDIA as central organizational principles

GBA Plus has become more than a tool at CSE; it’s ingrained in our reflexes, enabling us to lead by example and strengthen our credibility and impact both internally and externally.

Updated Values and Ethics Charter

This year, after a year of review and consultations across the organization, we launched the updated CSE Values and Ethics Charter. We wanted our charter to enable important CSE priorities like truth and reconciliation. We also wanted our charter to be more reflective of our diverse employees, our organizational culture, today’s working environment and Canada’s public service.

Learn more about our updated Values and Ethics charter in the following section, “CSE is transparent and accountable.”

Ministerial authorizations

Under the CSE Act, certain activities must be authorized by the Minister of National Defence. There are different authorizations for the different aspects of CSE’s mandate. Authorizations are valid for 1 year.

Before conducting any activities under a foreign intelligence authorization or cybersecurity authorization, CSE must receive approval from the Intelligence Commissioner. This year, CSE submitted 8 authorizations to the Intelligence Commissioner and all were approved:

• 1 cybersecurity authorization to help protect federal institutions
• 4 cybersecurity authorizations to help protect non-federal institutions
• 3 foreign intelligence authorizations

The number of authorizations for foreign cyber operations this year remained the same as last year. Authorizations are valid for 1 year and may include multiple operations or none.

• active cyber operation authorizations: 3
• defensive cyber operations authorizations: 1

Ministerial orders

The Minister of National Defence signs Ministerial Orders (MOs) to designate people or organizations with whom CSE can share information or provide tailored cyber security support. As of March 31, 2025, CSE had 5 MOs in effect. These MOs designate:

• recipients of Canadian identifying information under the foreign intelligence aspect of CSE’s mandate
• recipients of information relating to a Canadian or a person in Canada under the cyber security aspect of CSE’s mandate
• electronic information and information infrastructures of importance to the Government of Canada
• electronic information and information infrastructures of the Government of Latvia as being of importance to the Government of Canada
• electronic information and information infrastructures of the Government of Ukraine as being of importance to the Government of Canada

No new MOs were issued this year and no existing MOs were amended.

External review

Like any federal government department, CSE’s activities are subject to review by federal review bodies such as the Privacy Commissioner and the Auditor General. These external review bodies verify, on behalf of Canadians, that CSE’s activities comply with the law. CSE supports these independent reviews as they are key to ensuring transparency and accountability in our important work. We value their insights and use them to improve our processes.

As part of Canada’s national security community, CSE is also subject to external review by NSIRA and the National Security and Intelligence Committee of Parliamentarians (NSICOP).

This year, to increase transparency, CSE began publishing its responses to review body recommendations on our website. We published responses to recommendations from 3 NSIRA review reports this year.

Internal compliance

CSE’s compliance team conducts a range of monitoring activities to ensure compliance with internal policies. All of CSE’s internal compliance findings and assessments are available for review by external review bodies.

This year’s statistics include a new category: compliance incidents that do not involve information related to Canadians. This allows for enhanced tracking and analysis of all CSE operational compliance incidents. In 2024, CSE’s compliance team identified:

• 22 operational compliance incidents that did not involve information related to Canadians
• 119 operational compliance incidents that involved information related to Canadians

Complaints

This year, CSE received 3 external complaints directed to the Chief of CSE and responded to 1 complaint sent to NSIRA regarding CSE activities.

CSE also responded to findings and recommendations from NSIRA’s investigation into a complaint involving CSE’s recruitment and security process. NSIRA’s report concluded that all allegations were unfounded, with the exception of 1 which was partially founded. CSE remains committed to continuous improvement and is addressing NSIRA’s recommendations.

Audit and evaluation

CSE’s audit and evaluation teams provide impartial, evidence-based advice and services directly to senior leadership to help CSE achieve its strategic objectives.

This year, CSE completed 2 audits and 3 program evaluations to improve the effectiveness and efficiency of our operational activities. Audit and evaluation functions are subject to reviews themselves, and this year the teams underwent a successful external review and neutral assessment.

Our audit and evaluation program is supported by CSE’s Departmental Audit Committee (DAC), which provides advice and strategic direction. Through its advisory role, the DAC offers an unbiased, professional and independent perspective while remaining informed, relevant and trusted by the Chief and other levels of senior management.

Values and ethics

The updates to CSE’s Values and Ethics Charter reflect requests that we received from employees for more clarity on their obligations and for a charter that better reflects the core public service value “Respect for People.”

Respect is now one of CSE’s 6 organizational values, emphasizing our prioritization of accessibility, anti-racism, equity, inclusion and reconciliation. The updated charter includes actionable principles to guide employees in their daily activities and interactions.

In combination with CSE’s new Code of Conduct—which expands upon the charter to outline specific expectations for behaviour—CSE employees now have a modern and comprehensive blueprint to help them conduct their duties ethically and responsibly as representatives of CSE and the Government of Canada.

CSE also established an annual Confidential Report process this year. All employees are required to complete conflict of interest attestations yearly. This will increase individual accountability and adherence to the charter.

Over the next year, CSE’s Ethics Office will continue to update its scenario-based ethics training and provide guidance on topics such as conflict of interest, personal social media use, non-partisanship and the use of AI.