Leah West - Stress Tested: The COVID-19 Pandemic and Canadian National Security

STRESS TESTED

Leah West, Thomas Juneau, and Amarnath Amarasingam

Marc-Andr Argentino and Amarnath Amarasingam

Casey E. Babb and Alex S. Wilner

Stephanie Carvin and the Students of the Infrastructure Protection and International Security Program, Carleton University

Bessma Momani and Jean-Franois Blanger

Jessica Davis and Alexander Corbeil

Stephanie Carvin

Bill Robinson

Stephen M. Saideman, Stfanie von Hlatky, and Graeme Hopkins

James Cox

Kelley Lee and Julianne Piper

Leah West

Michael Nesbitt and Tara Hansen

Simon Wallace

Adham Sahloul and Diana Rayes

Thomas Juneau

Stephanie Carvin

The COVID-19 pandemic hit shortly after a profound period of change for the Canadian national security and intelligence community. Between 2017 and 2019, the Trudeau government engaged in the most extensive overhaul of the communitys architecture since 1984. In this sense, many departments and agencies were still coming to grips with new authorities, legal regimes, and requirements as the lockdown took hold in March 2020.

This chapter uses interviews with members of the Canadian national security and intelligence community (or what I refer to as the community) to examine how departments and agencies managed their operations during the COVID-19 crisis. It provides insight into how the community dealt with and responded to changes in the work environment and the threat environment. It concludes by examining how senior-level members of the national security and intelligence community think the pandemic experience may affect their future operations.

This chapter is based on semi-structured interviews with ten senior management-level individuals in the Canadian national security and intelligence community, ranging from the Director General to the Assistant Deputy Minister levels. The advantage of interviewing senior managers is that they were generally familiar with the organization-wide response of their department or agency. Four interviewees were part of their organizations COVID-19 task force, established to manage employee safety while ensuring the continued operation of their organizations critical functions. The organizations represented in this study include the Canada Border Services Agency (CBSA); the Communications Security Establishment (CSE), including its outward-facing entity, the Canadian Centre for Cyber Security, or Cyber Centre; the Canadian Security Intelligence Service (CSIS); the Privy Council Offices Intelligence Assessment Secretariat (PCO IAS); and Public Safety Canada (PSC).

For reasons of time and availability, this study has certain limitations that the reader should bear in mind. First, I did not interview working-level employees of the agencies. Thus, it is essential to note that these individuals experiences may be different from that of management. Second, I conducted interviews for this project in January and February of 2021. At this time, a second wave was cresting in Ontario and Quebec, where all of the organizations in this study are headquartered; this fact was captured in the interviews. However, the National Capital Region was also hard hit by a third wave in April and May 2021. Therefore it is important to note that the information in this article reflects the views of interviewees during a specific time during the pandemic, which may have evolved later. Finally, the small number of interviews means that this study provides a window into how national security organizations managed this crisis rather than a comprehensive overview.

Unsurprisingly, one of the first significant challenges for the community as they turned to face a radically new working environment was their inability to access the classified networks necessary to send or receive intelligence products. This restriction made it impossible to hold basic conversations about classified or sensitive issues as regular telephone and internet communication channels are not secure. Even when employees could work in a secure compartmented information facility (SCIF), they often did so with reduced staff operating on a rotating schedule. These rotations meant that urgent messages sent to employees might not be read as soon as necessary if they were not scheduled to work in the SCIF that day. This section looks at how the community dealt with these challenges and the rapidly evolving technology issues by adapting business continuity plans, managing staffing, and addressing the stress and anxieties of employees.

The majority of interviewees indicated that their department or agency had some kind of business continuity plan (BCP) in the case of a major disruption. Unfortunately, such plans proved to be inadequate almost immediately. In particular, many BCPs assumed that incidents preventing access to classified networks would be temporary, and that it would be possible to establish themselves at an alternative location within a few days or weeks. No organization had plans for a long-term disruption of employee access to classified networks or spaces to hold secure conversations. Therefore, as employees were sent home on the evening of 13 March 2020, plans to adapt existing BCPs to new realities were set in motion.

Even if existing BCPs were inadequate, organizations with BCPs benefited from the fact that their plans clearly identified which employees are critical and essential. As one interviewee noted, at the very least, BCPs are good at identifying critical systems and critical services. Therefore, while existing BCPs were often not the correct playbook, the work of designating the agencies critical functions was already complete. Other organizations seem to have relied on their ability to assess a worsening situation. Two interviewees reported situations where managers took it upon themselves to begin purchasing cleaning supplies by early March. As one interviewee noted, Managers went out to find hand sanitizer at Walmart to ensure that critical staff had it.

After identifying the inadequacy of existing BCPs, organizations took various approaches to managing the business of national security in the early days of the pandemic, or, as several organizations referred to this period, Phase Zero. CBSA, CSE, CSIS, and PSC interviewees reported that their organizations quickly set up a pandemic management committee, often including representatives from human resources, occupational health and safety, IT security, and senior executives. While most interviewees added that they incorporated the advice provided by the Public Health Agency of Canada (PHAC) and the Treasury Board, some felt that the advice about procedures was very slow in terms of dissemination, leading them to establish their own processes to keep critical functions operating. One interviewee expressed frustration that there was sometimes an effort to ensure that things were done evenly across agencies, even if responsibilities may differ across units. In one case, an interviewee noted that there was pressure to conform to universal policies, even if units had vastly different tasks, responsibilities, and operating environments, or had put in place their own mitigation measures to reflect the working conditions in their office. In this sense, the interviewee felt that senior leadership wanted managers to be creative, but there was not a lot of serious options given.

Interviewees indicated that some organizations also turned to their international partners to exchange information on best practices. In particular, two interviewees noted that CSIS stayed in contact with international allies to compare notes as to how to function and maintain operations. As one observed, Weve stayed in close touch with all of our partners around the world. And I would say that all of us are tracking with the same challenges and the ways of being able to address them. CBSA stayed in contact with its Border 5 (Five Eyes) partners to share advice on border management.