Again, I think part of the problem is that currently the heart of the capabilities that the government has for doing attribution-type work lies in an institution that was never designed to do so—the CSE—hence my comment earlier on that I think there are capabilities that currently are, for all the right reasons, centralized within CSE, but that actually have to be migrated out. Either they have to be migrated out to other government departments or we should be looking at creating a civilianized, non-military, non-intelligence institution that would coordinate cybersecurity across the board.
Again, I would emphasize that we have much to lose here. We are not Estonia, where you can drive across the country in six hours, or Israel. We are Canada, where it takes six or seven hours to fly across the country. What we lose by losing critical infrastructure can be far more catastrophic, and therefore, this really does require a strong policy emphasis.