It's a mix of both. We strive to always be proactive, really look at what a malicious cyber-actor would be doing, and try to get ahead of the threat. Especially in our defence of the Government of Canada, we've invested really heavily in proactive defence, taking action to thwart the activity before it is a costly breach, that type of thing. Unfortunately, though, with the dynamics of cybersecurity and the cyber-threats that are out there, threats sometimes evolve very quickly and do get through, so we have to respond to events as well. We work to minimize that. Every time there's an event, we also try to learn and apply defences so that it can't happen again that same way.
So it's a mix of the two.