I think there are a few things. We are taking quite a bit of action to try to raise that bar on cybersecurity, some them very public and some of them private. We are doing things. We have things that we call “strategic mitigation plans”, which directly address the threats mentioned in the report, one on cybercrime and one on protecting critical infrastructure. “Defending democracy” was the first one. Beyond that is the operations plan and then actual operations, which could involve defensive cyber operations to protect and take action, if we need to. That's really leveraging the mandate that Parliament has given us as part of the CSE Act and making sure we are doing it in a holistic way.
The second piece for us, though, is to make sure we're also getting practical information out to folks and working with them so that they can take action on their own. That's what the report was about, to say that these are the threats we're facing. If Canadians read the report, which I hope they do—I'd be thrilled—they can take some of those basic actions. They can follow Get Cyber Safe. Small and medium-sized organizations can read our advice and guidance on small and medium-sized organizations and look at whether or not they're addressing their cyber risks. Then that goes to CyberSecure Canada, a program that Innovation, Science and Economic Development Canada launched. It's something they can leverage to say, “Hey, I've done these things. I have a cybersecurity checkmark.” That's something I would like to see us use as a bit of a measure for Canadian companies, as a bit of a competitive advantage. They have this checkmark. They've done this.
Those are things that could be done directly from the report: Understand the threat, know where you're at risk, and then take action to reduce that. We have a lot of information out there that hopefully empowers Canadians to make those choices.