That's a good question, and I would say this. You need to start small.
I think understanding the role of cyber within the military means you need to have some kind of doctrine around cyberspace operations that is consistent with the existing defence posture. However, because cyber goes across law enforcement, defence, and even domestic issues—for example, countering radicalization or dealing with criminality—it almost requires a wider discussion.
I'm almost a bit surprised that we haven't had a royal commission on cyberspace to look at the ways cyberspace touches all aspects of governance in Canada, because in some ways that's almost a natural place to start before we can start defining specifically how it would pertain to areas like national defence.
However, in the absence of that, I think looking at it sectorally is probably the most prudent way to start.