Government Operations committee  I would have to look into anything that we do have. Under our current existing security review program, we have relationships with the majority of the telecommunications providers around Canada. We do talk to them about their overall deployments and their plans, but it is relat

Government Operations committee  In terms of the government accepting the report, I think the report you are referring to, Mr. Paul-Hus, if I understand correctly, is the cybercrime ransomware report.

Government Operations committee  It would be unacceptable, I think, for an unelected public servant to speak on behalf of the government, the elected government. However, we certainly do look for any activity we can take to bolster our defences against ransomware, something that we're taking very seriously as pa

Government Operations committee  Absolutely, I'd love to talk about that. There are a few aspects. First of all, we have been working with multiple entities across the sector on providing basic advice and guidance on cybersecurity, but also specific threat information. Early in the pandemic, along with our alli

Government Operations committee  This is one of those areas where at previous meetings I've talked about a service called Canadian Shield, which is a service we work with with the Canadian Internet Registration Authority. Let's say you get an email with a piece of malware, and it says, “Click on this”, and it's

Government Operations committee  Thank you, Mr. Chair. Quickly, I think the digital operations strategic plan lets us ensure that security is built in from the start and forefront and is thought of at the beginning, and also in setting priorities. The fact is we have limited security experts, so it makes sure

Government Operations committee  There is a continuing range of cyber-activity that we face every day. As I mentioned a few minutes ago, we take between two billion and eight billion actions per day, on average around seven billion, because of cyber-activity targeting the government, but to my knowledge—

Government Operations committee  I would probably turn to my colleague Monsieur Brouillard to answer from the Treasury Board perspective, but as far as I know, from my perspective, we've managed. We have not seen any disruption because of cyber-attacks to the Government of Canada. There have been cyber incidents

Government Operations committee  Thank you for the question. There are a few things to consider. Yes, it is the most used software, so of course anybody looks to the most frequently used software in terms of malicious actors. However, it's also the software on which the most security researchers have already be

Government Operations committee  Mr. Chair, I think that's a great question. One of the areas where, in terms of credential stuffing or information theft, the amount of information that's already been stolen about so many of us from different data breaches and is reused against the government is the threat.

Government Operations committee  Mr. Chair, I think I'll turn to my colleague—

Government Operations committee  We're really talking about two different things, Mr. Chair. I think there's the number of data breaches that have happened. The Privacy Commissioner of Canada, in our national cyber-threat assessment where we highlight this, said that 28 million Canadians last year had their info

Government Operations committee  I think that would be a pretty unlikely scenario, to be frank, because that wasn't what we saw happening here. We saw Canadians being impersonated in this activity where they were using their legitimate credentials, so essentially logging in as them. I think that's kind of my ove

Government Operations committee  That's a great question, and you have the right group here. It's the tripartite that would really look to say how we would make sure the government is robust. Marc would lead that as the CIO for the government. So yes, the answer is that, in some cases, legacy does work in our fa

Government Operations committee  Sometimes it's so old it just doesn't connect to the Internet. In most cases, though, this is where Shared Services Canada, our perimeter strategy, making sure that we're ringing security and layering different elements of security to afford that level of protection.... We do tak