I believe there are a lot of very real threats to this country, and a lot of them are cyber-threats. I think the concern we are hearing from our community is that this really is a cyber arms race to try to figure out who can build the biggest and most destructive tools the fastest. What we are looking for is to increase our security, to build up our protections, to make sure that we are safe from those types of threats without building the vulnerabilities and the tools that can be actively captured and misused by other governments or other malicious actors who are trying to build those tools themselves.
As much as we would love to believe that if Canada builds these tools we can keep them safe, we have seen that this is not the case. I am sure the NSA felt the same way about a lot of the tools they built. We have seen those misused. We have seen them sit on exploitations that they have used, and vulnerabilities, that then ended up taking down the U.K.'s national health service. These are the kinds of exploitations we're looking to have Canada proactively prevent, to step in to actually increase our security, to build those protections and tools to keep us safe.
While in the short term it might seem easy.... Sorry, I shouldn't say that; I don't think any of this seems easy, because it might seem more simple to try to build the tools to take down the opposition before they get to us. I think in the end it creates additional tools that we don't actually want to be out there. It just perpetuates that environment with those malicious actors on the other side that we're fearing, and perpetuates a culture of fear. I think there are a lot of proactive digital security tools that we can build ourselves to keep us safe. I think CSE already has a lot of abilities, but I believe the active cyber-operations, particularly the ones geared at deploying tools abroad, pose a large security risk for Canada in the way that they could be exploited.