Bill C-8, which is now before Parliament, requires the critical infrastructure sector to implement cybersecurity programs and mandatory incident reporting.
Reflecting on a broader legislative philosophy that graduated compliance tools are more effective than relying solely on criminal enforcement, does the RCMP believe a similar graduated approach, which could potentially include the commissioner having access to more administrative penalties, mandatory training and temporary bans before criminal referral, would provide better compliance outcomes in a lobbying context?
