As I was saying, the six case studies, Mr. Julian, illustrate.... They were chosen deliberately by the members to allow parliamentarians, Canadians and readers to understand the practical implications of not taking steps to protect. As I say, the private company...the first time using CSE powers. That's the first time this case study has been made public.
The attack on the CRA called the Heartbleed attack is case study number 3. In case study number 4, the National Research Council was attacked by China. We talked about the loss of 40,000 files. China used its access to the NRC to infiltrate other government organizations. It was very expensive to clean that up—$100 million at least. In case study number 5, huge amounts of data were stolen from DND by a foreign actor. In case study number 6, in 2020, a state compromised the network of a Crown corporation.
Are we slow off the mark to respond to this? I don't know if the committee really examined that. I don't know if we examined it comparatively. We do know that CSE's abilities are now increasingly called upon internationally. We know for example that the government of the United Kingdom has called upon Canada's CSE to help with their cyber-defence systems.
I hope I've answered some of your questions.