Frequently Asked Questions

What does CCTX stand for?

Canadian Cyber Threat Exchange.

What is the Canadian Cyber Threat Exchange (CCTX)?

The CCTX is a private sector initiative that is a cross-sector, not-for-profit, membership-funded organization that was launched in December 2015 and became operational in February 2017. The Board of Directors is comprised of senior private sector members and supported by government and academic advisors. Membership in the CCTX is available to all privately-owned Canadian businesses and multi-national organizations legally registered to conduct business in Canada.

When will the CCTX be operational?

The CCTX is operational now. Data is flowing into the CCTX Data Exchange, being analyzed, and threat reports are being issued. CCTX Subscribers are participating in collaboration groups and are coming together to solve cyber security problems.

What does the CCTX do?

The CCTX, through the CCTX Data Exchange, provides a current, focused view of cyber events directly impacting Canadian business along with mitigation options and tools to combat or nullify identified threats. By aggregating threat, vulnerability, and risk inputs and applying analysis to convert this raw data into pertinent, timely and actionable information, the CCTX adds value which it shares with its participants. The CCTX Collaboration Centre provides a forum for the exchange of best practices, techniques, and insights.

Who runs the CCTX?

The CCTX is governed by its members via a Board of Directors. Each Director serves a two-year term and is elected by other Members. Day-to-day management of the CCTX is the responsibility of the Executive Director, who is appointed by and reports to the Board. The CCTX’s business applications, infrastructure, and training and logistical support services are provided by a Managed Security Service Provider, accountable to the Executive Director.

How is the CCTX different from other cyber information sharing groups?

There are numerous information sharing analysis centre organizations, which have a sector-specific focus that is both domestic and international. The CCTX will provide a cross-sector, exclusively Canadian perspective. CCTX information and analysis will be based on public and private sector inputs of real events affecting Canadian business. The CCTX operates with a global view of the cyber threat environment. However, CCTX information will not be diluted by international information that is not pertinent to the Canadian landscape or economy.

What is unique about the CCTX?

By actively participating in the sharing of cyber threat information and collaboration forums, participants will become stronger and better prepared to mitigate or eliminate new and evolving cyber threats – not only stronger as individual organizations, but stronger collectively. Today, private and public sectors do not have a complete picture of Canada’s cyber security posture or a consolidated view of cyber threats impacting the nation. The CCTX aims to meet that need.

What is the benefit of joining the CCTX rather than a sector-specific information sharing organization?

The CCTX provides two significant benefits:

1. Subscribers receive actionable cyber threat intelligence from the CCTX Data Exchange. That intelligence is based on input from all sectors of the economy. Cyber attackers are sharing the attack techniques they are using across sectors, so CCTX members are also sharing. Members receive the benefit of multiple types of defences used across all sectors. The contextually-rich data subscribers receive increases the effectiveness of their decision making.

2. Experts in subscriber companies participate in the CCTX Collaboration Centre in communities of trust and communities of interest where they interact with other professionals to solve their cyber problems. Sharing can focus on a single issue, an attack campaign, or the latest threats. Best practices, techniques, and insights from a diverse community of professionals are exchanged.

Who is eligible to join the CCTX?

The CCTX is open to all privately-owned Canadian businesses and multi-national organizations legally registered to conduct business in Canada.

How can my company join the CCTX?

The CCTX is now recruiting member companies of all sizes and means from across Canada. Organizations interested in joining the CCTX should contact info@cctx.ca.

Why should my firm join the CCTX?

CCTX subscribers gain a focused perspective on cyber threats that could impact their business. They receive advanced mitigation information about cyber events in other business sectors that may migrate to their organization or sector. They collaborate with other cyber security experts in sharing best practices, techniques, and insights. Cybercrime is global in nature. By actively participating in the CCTX, member firms will be doing their part to help protect Canada’s economy and strengthen our nation’s ability to combat cybercrime that is undermining the health and prosperity of all Canadian business.

How are CCTX services structured?

The CCTX offers three levels of service designed to meet the needs of Canadian business of all sizes and means. Subscriber services provide a comprehensive set of information and participation options designed to meet the needs of large businesses with more than 500 employees. In addition, three levels of Associate services are available for: Institutions such as academic, medical and municipalities; medium businesses with between 100 and 499 employees; and small sized businesses with less than 99 employees. Business associations are invited to participate as CCTX Affiliates.

How will private citizens benefit from the CCTX?

The CCTX will provide information and toolkits to assist individual Canadians to address basic cyber security issues. Instructions will provide guidance on how to leverage the information and toolkits provided.

Who has access to CCTX information?

Access will be restricted to authorized individuals from each CCTX participating organization. No public access to participant information will be permitted.

How is privacy protected?

Privacy is critical to the success of the CCTX. By providing solutions and services that incorporate internationally recognized Privacy by Design principles, developed by Dr. Ann Cavoukian, the CCTX will face privacy concerns head on. It will routinely monitor the effectiveness of privacy controls and will hire an external third party to annually audit operations to validate that privacy is being respected and protected.

From where does the CCTX obtain its information?

Sources of threat information will come directly from participant organizations, commercial companies who gather this type of information, government agencies, academic cyber research programs, and other trusted sources, to provide a comprehensive Canadian perspective.

What is the source of the CCTX data feeds?

The CCTX is fed anonymized structured and unstructured threat and vulnerability data from members and associates and from government and commercial sources. Threat inputs are triaged, analyzed, processed, and distributed to subscribers, in a manner that provides unique contextual information, rendering actionable intelligence which can be shared through message boards, secure e-mail, reports and the CCTX document repository.

Is the CCTX a Government of Canada initiative?

The CCTX is not a Government of Canada initiative. The founding members consulted with Public Safety Canada, lead for Canada’s Cyber Security Strategy, and the Communications Security Establishment on how the CCTX can best work with Government. For more information, contact Public Safety at media@ps-sp.gc.ca or Communications Security Establishment at media@cse-cst.gc.ca.

What is the benefit in receiving information from CCIRC and CSE through the CCTX?

The CCTX will be receiving cyber threat information from two Government entities:• Canadian Cyber Incident Response Centre (CCIRC), which acts as Canada’s national cyber emergency operations centre and supplies a variety of threat reports; and,

• Communications Security Establishment (CSE), which is the government’s lead technical cyber agency. They monitor and actively defend federal government systems and identify, prepare for, and respond to sophisticated cyber threats.The CCTX has partnered with CCIRC and CSE to provide a much broader, contextually-rich feed of data to CCTX subscribers.

What information will be provided to CCTX from the Communications Security Establishment?

Cyber threat actors — including foreign states, hacktivists, criminals, and terrorists — continually probe government systems, looking for vulnerabilities to gain access to a computer system. Every day, thousands of attempts are made to compromise the integrity of government networks. Reporting from CSE will provide indicators of compromise related to malicious activity seen on government networks. These are high confidence indicators, such as IP’s and domain names, that have been compiled by the CSE Cyber Defence team.

How much does it cost to join the CCTX?

CCTX Member services cost $50,000 per annum. Fees for Associate services for Institutions and medium-sized businesses are $20,000 per annum, and for small-sized businesses, the fee is $2,000 per annum. Business Associations will be able to join as CCTX Affiliates at no cost.

What do I get for my money?

The CCTX offers a variety of value-added information sharing and analysis options including cyber alerts, an ability to anonymously submit and receive threat information, threat conference calls, participant surveys, membership meetings, and educational events. In addition, members will have an opportunity to gain valuable insights and information from other participants through participation in Communities of Interest and Communities of Trust. The communities provide forums where professionals can interact with other professionals to solve their cyber problems. Subscribers will have an opportunity to exchange best practices, techniques, and insights.

What are the annual fees used for?

The CCTX is a not-for-profit organization, therefore the annual fees cover the costs of service delivery and administration.