Within the government, the Canadian Centre for Cyber Security does monitor government departments. We have a variety of sensors. We look at networks, hosts, the cloud. We gather all this information. We have analytics that run. We take automated actions to defend the government.
Occasionally something gets through and there is an incident. In that case, we have a shared inbox, basically, for all government departments to notify us of the incident. Otherwise, we are typically notifying the departments of incidents that have happened. We assess the severity of the incident.
If the incident is looking like it's going to expand beyond the simple control of a single department, then we escalate through a process called the GC CSEMP, which is the cybersecurity event management plan led by TBS. That involves a variety of stakeholders, mainly the tripartite, which is CCCS—the cyber centre—Treasury Board and Shared Services Canada. There's a very structured process in which we escalate through that program by calling on different levels of communications and whatnot involving different departments.