Our critical infrastructure sectors are perhaps some of the most sophisticated. They have some of the most sophisticated cyber-defences in all of Canada and are very much aligned with the same sectors in other countries, particularly on the electricity side because of the cross-border side, as well in as finance and telcos.
What systems are in place to ensure that? They have regulators that are extraordinarily diligent—that would perhaps be a good word—in ensuring they are aligned and they have strong defences in place.
There's really nothing that we can add to what the regulators have suggested, but this regulation is important because, to further what John was saying, reporting is one of the biggest challenges we have. We don't have good numbers. We don't know how big the problem is in this country, because the reporting is different. What is defined as a cyber-incident in different reports comes across differently: who has to report, when they have to report and what is reported. We don't have reliable numbers, and that's part of the problem we have.