BlackBerry, because it created devices, was very focused on ensuring that all of the components in those devices, including software, were what they said they were. We even developed software that helped us identify the provenance of each component.
This is a huge concern in the U.S. You have executive order 14028, which is about the nation's cybersecurity. It mandates what they call a software bill of materials that would basically produce an ingredients list of all software contained in every device. Right now, if you ask people what software is in their system or in their device, very few people know about it.
Part of the problem is also open-source software. This is free software available on the Internet that is used widely, but there are high security vulnerabilities there.
I think one thing that Canada should consider that many other countries in the EU and the U.S. are considering is making sure that there's a commitment to secure-by-design principles. You can't bolt on security afterwards.