Thank you so much.
In the coming weeks, NIST is going to be recommending some post-quantum algorithms. I would recommend that the Canadian government mandate or look into how to encourage businesses, in a regulatory sense, to invest in this. I don't exactly know how that would look, but it certainly needs to be considered. Internally within the government, it should be considered how to ensure that the critical infrastructure is provably secure.
This post-quantum encryption may or may not actually hold up over time. One of the finalists for that NIST competition, which has been under way for years, just fell to a classical computer laptop hack, so it's not clear if these things will stand up. I absolutely hope they do. I think we should layer them all in and, in addition, put some insurance down on QKD or one-time pad infrastructure for the critical infrastructure.