OTTAWA — The federal auditor general says there are “significant gaps” in the government’s cybersecurity services, monitoring efforts and responses to active attacks on information systems.
In a report released today, Auditor General Karen Hogan says the federal government must continually bolster its defences as cyberattacks become more sophisticated, pervasive and harmful.
Hogan found not all federal organizations were subject to the same security policies, resulting in the inconsistent use of available protection services.
Her office reports agencies responsible for cybersecurity lacked a comprehensive, up-to-date inventory of government devices and assets such as laptop computers, smartphones and servers.
The report says a lack of information-sharing delayed the government’s response to a significant cyberattack in January 2024, allowing the attacker “prolonged access” to personal information.
Hogan found an initiative to set up a cybersecurity collaboration platform and an incident case management tool had not received funding at the time of her audit.
This report by The Canadian Press was first published Oct. 21, 2025.
Jim Bronskill, The Canadian Press
