The first recommendation would be to the government, as a player within critical infrastructure, to get it right, to take the series of reports on this subject and to tiger team those reports and look at how we're going to better protect the government infrastructure.
As I mentioned earlier, there was a report by the committee that was accepted very broadly. It covers 169 federal organizations. I think the first step would be to understand the threats that are prevalent in each one of those 169 organizations to ensure that they are reporting on those threats, identifying gaps and identifying how they're going to lower those gaps.
I think it's very difficult to go out to providers of critical infrastructure and tell them what they must do, if you're not doing it yourself. I think the funding, the teams and the people are there to accomplish this. Teaming across government departments is not always easy. They come with different cultures. They have different mandates, but I believe we really have to ensure that we can do so.
Number one would be for the government to get it right.
Then, of course, we need to look at how we are providing, how the government is providing, advice and guidance to critical infrastructure providers and others. I would really want to look at the number of organizations out there that are supporting cyber-environments, such as CCTX and others, and how can we harmonize that level of support to Canadians and Canadian infrastructure.
The reason I say that is there is a wealth of organizations. Some security officers are really looking at who they should talk to, amongst this wealth of organizations. Where will they get that valued information and who can be that trusted partner? Those are some of my recommendations.