The Royal Canadian Mounted Police (RCMP) has taken stringent steps to intensify its internal security protocols. The initiator of these changes was the 2019 arrest of a senior civilian member of the workforce, accused of leaking confidential information.
Actionable measures include obligatory security awareness training for all RCMP staff. The department has also bolstered the visibility of its internal security operations alongside amplifying easy-to-use methods for reporting security vulnerabilities. A plan of action to manage potential data leaks from personnel is also underway.
These modifications are consequences of a comprehensive executive scrutiny carried out by RCMP in June 2020. The review advocated for a transformative shift in the national police force’s security culture, reinforced from the top tiers of the department.
Last year’s report proposed a total of 43 strategic changes, such constituted by training intensification, stringent adherence to federal security screening codes, and the possible execution of random physical inspection.
The review was established post the detention of Cameron Jay Ortis, who operated as the director general of the force’s National Intelligence Co-ordination Centre. He is due to stand trial in Ontario, charged with breaching the Security of Information Act with multiple alleged leaks, intrusion of trust, and a digital offence.
The review team, led by a retired RCMP superintendent, thoroughly examined past audits, assessments, and security-incident files, using the findings of the Ortis investigation as an informational reference.
Preserved within the report is a significant finding which revealed that the RCMP did not mandate security awareness training, creating an attitude of bending security restrictions to facilitate job completion. There were noted deficiencies in the management of IT assets, specifically, portable storage devices. Unwarranted accesses to secure computer systems were noted to be commonplace.
A refutation surfaced that employees hesitated in reporting security breaches owing to personal or colleagues’ implications. A handful of suggestions garnered during the inspection were deemed too confidential to be disclosed.
Marie-Eve Breton, the spokesperson for the RCMP, acceded to an inquiry by The Canadian Press, confirming that while many recommendations have been incorporated, others are in development.
Online reporting has been made convenient for employees to mark incidents, threats, and susceptibilities. Additionally, a mandatory security awareness course has been arranged for RCMP regular members, civilian members, and public service employees to elevate their comprehension of security roles and responsibilities.
Other implementations include ongoing internal advisories on the security roles of all RCMP employees, a superior IT security model, and restricted high-security zones. Departmental security is now a stand-alone program within Specialized Policing Services. An insider risk mechanism is being devised to proactively counteract internal security issues.
While the RCMP continues to have faith in its current security screening processes, Breton noted an evolving threat and risk landscape. As such, the RCMP pledges to a ceaseless examination and fortification of security practices to guarantee the safety of information, assets, and employees under their guardian ship.
These efforts align with Canadians’ national security community’s constant battle to manage confidential information leaks throughout the last year, which implicated allegations of foreign intervention in Canadian affairs. In direct response, the RCMP has launched a criminal investigation into these violations, which also included the clandestine revelations of information produced by the Canadian Security Intelligence Service.
