What is the Commercial-Off-The-Shelf (COTS) Products Security Guidance Program?
The Government of Canada continues to increase its presence on the Internet, seeking to deliver more of its products and services to Canadians via electronic and online means. While each department has its own unique offering, they all have a common cyber-security challenge to overcome: how to mitigate the threats and risks that seek to undermine or disrupt the delivery of these products and services. In order to help protect networks from cyber-attacks, GC departments procure and install Commercial-Off-The-Shelf, or COTS, IT security products. While these products can contribute to the security of the network, simply acquiring them does not mean they will automatically or successfully defend against typical cyber-threats. The Communications Security Establishment Canada (CSEC) is mandated to, “Provide advice, guidance and services to help ensure the protection of electronic information and information infrastructures of importance to the Government of Canada.” The COTS Security Guidan
Related Questions
- How is the IPTI different from Commercial-Off-The-Shelf (COTS) products on the market today or applications developed by the Government or Military?
- What guidance is available regarding "the appropriate combinations and implementation of GOTS, COTS IA and IA-enabled products"?
- Is there any acquisition guidance for COTS products under NSTISSP #11?