Thank you so much.
Thank you to all our witnesses for being here today.
Mr. de Boer, you've spoken about mandatory reporting and things like that, but I also want to dive into some of the challenges we've heard in other testimony about the private sector not necessarily wanting to share if they've been hacked or if their systems are vulnerable. I could certainly see that if BlackBerry, for example, which has a reputation for security, ever had a breach: The board or the governance of the company may not necessarily want to promote that a breach happened or that an attack was successful.
How does government partner in order to understand the real-world picture in the private sector, keeping in mind that the private sector might not be interested in sharing this information?