I can attempt to answer that one, Mr. Chair.
From the perspective of public safety and critical infrastructure resilience, one of the main vulnerabilities that we see across CI sectors are what I referred to in my opening remarks as the industrial control systems or the operational technologies that run power plants, regulate water pressure in valves or even operate traffic lights. These are some legacy systems that were not necessarily intended to be connected to the Internet but now are, just given the Internet of things and the increasing connectivity across critical infrastructure sectors. A key vulnerability from our perspective is industrial control systems in general.
That wouldn't just apply to the transportation sector. I would say that applies across health, as my colleague from the cyber centre mentioned. The impact there is the interdependencies. If something happens in one sector, there will be a domino or knock-on effect in other sectors. We're concerned with cascading impacts. To that end, that's why our program, with colleagues from the cyber centre, focuses on industrial control system security exercises. Preparing and planning for such events are helpful as well.
In terms of the energy sector, in the previous question, there are a number of exercises that we undertake with the private sector. Natural Resources Canada is the lead federal department for the energy and utilities sector. There are a number of exercises with Canada and the U.S., for example, energy command and GridEx.
We are focusing on those vulnerabilities, namely industrial control systems.