Refine by MP, party, committee, province, or result type.
Public Safety committee I'm not sure what actually would be the method for that. I think there are a few different things, depending on the technology you're implementing. Sometimes it would be that the provider can provide the information, or they can design it. In a lot of cases they're designing it s
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee I think that's absolutely the case. We rely on private infrastructure that runs our critical infrastructure, which is built in the commercial space. Pretty much gone are the days of government-produced equipment. We can't keep up with the rapid innovation pace that the private se
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee I can't see doing this without collaborating with the private sector.
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee When we're talking specifically about 5G, meaning fifth-generation telecommunications networks, the best security outcome for anything related to 5G is really an environment with multiple vendors where you're able to put security protocols or security appliances in at different l
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee Patching is number one. It really is. The second one, depending on what infrastructure you're using, is just not logging in as administrator, not logging in with super privileges, etc. That's a simple thing. It just slows things down. There is also backing up your data. If yo
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee In some cases, it's inconvenient. It's inconvenient to update. It's inconvenient to run the patches, etc. In other cases, people just don't see the need. They say, “It's working for me. It's good enough” or “I'm afraid I'll break it.” That's kind of an unfortunate legacy of our i
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee We actually have a program called the cryptographic module validation program, which we use to actually strengthen encryption and make sure it is done properly. That's something that we work with the commercial sector on in terms of making sure that the products we use in governm
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee I think if you're looking at it from the provider's point of view, there are some providers that are able to get to that data, so how do you provide that access, under what lawful authorities, etc.? You can ask, because it's not encrypted when it's, for example, on a vendor's ser
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee Certainly, we'd look to work with the RCMP on that to engage all law enforcement and to follow their lead on that. In terms of financial contributions, it's not really within our authority or remit to do those types of things, but we do offer training. We run our IT security lea
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee In terms of training and helping...?
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee I think there are a few things. It's in cyber-literacy. It's in demystifying IT. We've made it the domain only of experts, and yet we all use it every day. Most people are scared to actually touch it when it breaks, etc. It shouldn't be that hard. As an industry, we have to get b
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee Sure. Assemblyline is the system we use when doing malware analysis. Let's say you're getting a malicious file. How do we break it down and basically do all the cyber-analysis? We automate it. That's how we scale for the government. It wasn't done by people; it was done by automa
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee In terms of what worked really well, it was aimed at cybersecurity professionals, people who do this for a living, and we did see pickup around the world for it. Also, people are contributing back in. It is a lot of work to maintain an open-source project. When we release this,
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee We made the tool available. We didn't make our instance of the tool available. You can download the software, install the software on your system, and run it in your own environment to protect it. It's not connected in, so you don't use our instance of the tool, and we don't coll
September 20th, 2018Committee meeting
Scott Jones
Public Safety committee That's one of the goals of the cyber centre: to be more open and transparent. In fact, we're making sure that we have a facility where people can come in and work. If you come and visit CSE now, we take all of your technology away because you're entering a top secret building. Th
September 20th, 2018Committee meeting
Scott Jones