Public Safety committee  Forty companies are principal members of the association, from the largest electricity companies in the country, such as Hydro-Québec, down to the municipal utilities in Ontario.

Public Safety committee  All of them.

Public Safety committee  Absolutely. Depending on the size of the organization, of course there would be variability, but all of those that are involved in the bulk power system are covered by the North American Electric Reliability Corporation's mandatory cybersecurity standards. As a result, those companies have very robust and consistent cybersecurity programs.

Public Safety committee  As has been mentioned already by this panel...not in Canada but in other jurisdictions. We've seen a loss of pipeline in the United States. In Ukraine, in 2015, we saw, for the first time anywhere in the world, a successful cyber-attack resulting in a loss of power to customers.

Public Safety committee  When a cyber-event is occurring, do we want our people working on paperwork for regulators or do we want them, at that moment, working on securing the systems? First and foremost, we want to have people working on securing the systems, and then looking at the reporting requirements.

Public Safety committee  It would be, except that if the definitions are going to be different, it means having a separate and different reporting structure and different definitions. In fact, not entirely joking, I said a number of years ago, when the government was beginning to move along this path, that they potentially could look at the NERC cybersecurity standards and look at replicating those for other Canadian critical infrastructure sectors.

Public Safety committee  Absolutely.

Public Safety committee  Thank you very much. Mr. Chair, this is an excellent question. Do we rush the bill through or do we amend it to make it right? My response is, let's do both. Let's rush this bill through, but rush it through while taking into consideration the 14 recommendations that we've made and make the amendments that respond to those 14 recommendations.

Public Safety committee  Thank you very much. With respect to the bill not significantly adding to the security, and in fact potentially diverting attention, it is not an issue with the bill itself. It's that the bar has already been raised higher than what's in Bill C-26 as a result of the mandatory standards our sector is already subject to through the North American Electric Reliability Corporation standards regime.

Public Safety committee  Thank you very much. Those are two very good questions. On the first question, with respect to the consequences of delay—and this relates to your second question as well—we've been engaged in discussions about this gap, given that we're a sector that has had mandatory reliability and mandatory critical infrastructure protection standards for a decade and a half.

Public Safety committee  Yes.

Public Safety committee  Our concerns are more with respect to treating different entities within the Government of Canada differently when it comes to the protection and the use of information, specifically with respect to the Canadian cyber centre. That's where our area focuses with respect to the use of the information itself.

Public Safety committee  Thank you. That is absolutely an excellent question. My remarks and our brief focus specifically on that interface between the bill and our NERC requirements, which are quite onerous. The member is absolutely correct. There are other requirements that come into play at the different levels of government, as well, and also internationally.

Public Safety committee  Thank you, Mr. Chair. I'm CEO of Electricity Canada, formerly known as the Canadian Electricity Association. Our members are companies that generate, transmit and distribute electricity in every province and territory in Canada. My comments today will focus on part 2 of Bill C‑26, which enacts the Critical Cyber Systems Protection Act.

International Trade committee  It's a good question. Are we on track? No. Are we heading in the right direction? Yes. We have an organization in Canada called Electricity Human Resources Canada that both the Canadian Renewable Energy Association and Electricity Canada partner with through the Electricity Alliance Canada.