Thank you very much.
That's an excellent question. In fact, we have done a number of things. The first thing we did was we surveyed our community departmental security officers extensively to understand what they believed were the needs across the community for more security awareness. With them we have essentially developed a Government of Canada security training framework and a security professionals training working group. We recognize that working on the awareness of every public servant regarding cyber-security is also an important part of the effort. Development through the framework of training materials is under way.
As part of the October cyber-month, we also try to participate and stress that to all public servants. We're also working quite a bit on the issue of awareness of good cyber-behaviour on a departmental basis regarding things like, for instance, not opening up all attachments when they come in through e-mails, because despite the best spam filters or filters in general, there are very clever ways of luring people into accessing e-mails that are in fact bearing malware.
We're also currently nearly finished developing an IT policy information notice that will go out to departments on what they need to do to secure portable media, and to raise awareness of the fact that portable media are a way to introduce threats if you load them into government systems. So we're working on a number of areas to raise awareness within the community at all levels, at the employee level, at the IT level, at the departmental security officer level, as well as with all executives to ensure that everyone understands their role in maintaining proper security.
