Thank you for the question.
Many of the questions today go back to the heart of what I think we're seeing, a watershed change in the nature of the cyber environment, the types of attacks that are occurring. To the point the member made, there are a wide variety of attacks.
You're referencing attacks at a state level. We're seeing attacks on critical infrastructure in various countries, attacks against the Government of Canada systems from a variety of threat actors. From each one of these either successful or unsuccessful attacks, we all learn something. The international community learns something. One of the things we learn over and over again goes back to my earlier point that we can't be complacent, that we always have to continue to look at our methods, our tools, our techniques, the types of threat actors.
It's impossible to be complacent. You always have to try to stay ahead of this.
The other item I raised before is it has to be a team imperative. No one organization or one country can do everything alone. It very much is trying to work together and bring together the various resources to deal with these complicated cyber-attacks.
Looking forward, we'll have to continue to be very vigilant. The advice that we provide to the Government of Canada, I've given you our “Top 10 IT Security Actions”, those have evolved. We continue to learn from various actions that are taken. We also learn from when people have implemented some of our recommendations. Once those are taken care of, what are the next variety of steps we recommend that people take?
It's constantly evolving, necessary to be a team imperative, and impossible to say we're done; I don't think we're ever going to be done in this domain.