Public Safety committee  From our perspective, one of the things we highlight in the national cyber-threat assessment is that we have to be vigilant against every nation-state, and certainly cyber-techniques are within the realm of every nation-state. Some are more aggressive. Certainly in the past, CS

Public Safety committee  I think we should be vigilant against anybody who doesn't hold our values.

Public Safety committee  I think there are a few things. Maybe I'll turn to Eric to talk about some of the specifics. First of all, in terms of our collaboration with the RCMP, we want to ensure that we are never in the way of the police doing their function of investigations and pursuing cybercriminals.

Public Safety committee  I think the key thing we were referring to there in terms of nation-states is that they have specific objectives. Absent a major international conflict, etc., we said the threat of disruption was very low, in terms of the threat to Canadian infrastructure, but there is some natio

Public Safety committee  I think the goal is to leverage the Team Canada approach and bring in the proper authorities. Obviously, it's Parliament's role to debate those authorities and assign them to organizations, so I won't comment on that. For us, the key thing here is that we want to bring in the ri

Public Safety committee  If it's coming from within Canada, that doesn't change. The provision still says that CSE cannot direct its activities against Canadians.

Public Safety committee  We're using whatever tool is the appropriate one at the time. If Bill C-59 is passed by the Senate, gains royal assent and comes into force, then we would re-evaluate how we approach these problems, given those new—

Public Safety committee  That is correct. As we've said repeatedly, we have a tendency to re-victimize the victims of cybercrime. We publish, and we punish them. We're looking for them to take ownership and respond. Our goal is to help them recover, to help them defend, and then to share the information

Public Safety committee  No. However, one of the trends I have certainly seen with larger companies and boards of directors is that cyber-risk is becoming the number one topic. I think we're starting to see that trend now. It is becoming a huge reputational risk, but also a huge business continuity risk

Public Safety committee  In our discussions, and the discussions I've had with numerous companies' C-suites or boards of directors, it's very much about the reputational damage. It's hard for them to calculate the cost of that. We certainly saw reputational damage in some of the larger U.S. breaches. I t

Public Safety committee  When you look at this, you're absolutely right. The human factor is part of cybersecurity. We tend not to put security on top of our products sometimes if it makes it harder for a user. It's all about usability. I think part of it is also education, but you can't rely on that. F

Public Safety committee  I think there are a few. Typically, we would call that the “insider threat” side of things, where somebody who's going.... There are a few ways to do this. Number one is actually the credentials that we talked about earlier—making sure that people can do only the things that are

Public Safety committee  Right now we're not finding difficulty with the private sector in terms of engagement. They are very willing to come to the table, partner with us, report incidents, work together collaboratively when they see something, or when we see something. I think Canadian industry very mu

Public Safety committee  If you look from the policing perspective, certainly our goal is to try to get people to go to the police when they are victims of these types of scams, so the police can take action. I think that's one of the first things, to encourage people that the police aren't going to come

Public Safety committee  We're talking partnerships right now. We take a partnership approach.