Public Safety committee  I think that one of the things that's really important is that my role here is to advise and implement on policy, and policy decisions go before the government and the elected officials. I have to be careful not to take away our.... It's not my goal to.... I'm not elected, so I r

Public Safety committee  Yes, absolutely. I'm happy to answer that. First of all with regard to DNS, the Internet works on a series of numbers and we go to www.website.com, but the Internet doesn't understand what that is. DNS translates back into the actual address on the Internet, which is called an I

Public Safety committee  I think there are a few things we talk about in the security realm. We talk about confidentiality—protecting the information itself—then the availability and then integrity of what's being transmitted so that you can't change it en route. You're really talking about availability

Public Safety committee  Yes.

Public Safety committee  I think there are a few things I'm.... I'm a little concerned. The report is meant to inform; we're hoping not to scare. We believe that fear doesn't really motivate Canadians, in most cases, to take action. However, what we are hoping is that we can give Canadians simple things

Public Safety committee  I think there are a few things. Certainly, embarrassment and shame and fear about a potential loss of business are preventing organizations from reporting. In cybersecurity, unfortunately, we tend to punish the victim and not the perpetrator in our actions as citizens. We tend t

Public Safety committee  I can. It's really the Canadian Internet Registration Authority's project, and I'm hoping that I'm not scooping them, but they did advise us that earlier this week we now have 100,000 Canadians using the service. That's a good number—although not as much as I would like, honestly

Public Safety committee  That's actually a great question that I was really hoping someone would ask me. It wasn't an easy decision to name countries because it immediately draws the attention from all the other aspects of the report to the four countries named. However, in reality, we, the Government C

Public Safety committee  Thank you for that question. There's a lot in there. We have been working since the beginning to build up the resiliency of the health care community. One of the things we have been working on, which we've done in partnership with the provinces and territories—which clearly have

Public Safety committee  Mr. Chair, that's a really great question. I'm glad to get the opportunity to address this. We've been working with Canada's critical infrastructure providers for quite a while. Now, we do have to concentrate on the ones that are most at risk, so when we talk about the electric

Public Safety committee  Thank you for the question, Mr. Chair, and your comments on the report. I think there are a few things. If we look at cybercriminals, they very much reply upon an extremely developed ecosystem that relies on things like anonymous financial transactions—Bitcoin and the like. Havi

Public Safety committee  The value of attribution is pretty variable. The primary value of being a cyber defender and somebody who is worried about cybersecurity is that it spurs action. When we do an attribution, it tends to get organizations to take seriously the alerts we put out. When we say, “You ne

Public Safety committee  Thank you very much for that, Mr. Chair. Good afternoon, committee members. Thank you for the invitation to appear today to discuss cybersecurity and specifically the “National Cyber Threat Assessment 2020” report released on November 18. As the head of the Canadian Centre fo

Health committee  Yes, we have had successful breaches. We've been looking to continue to reinforce other research institutions, including through proactive advice and guidance. One of the challenges, I think, that's mostly unknown is that research institutions tend to be what we would call more o

Health committee  Typically, if there is an attempt to compromise a health organization, we would respond from the cyber centre. We've done a few different things. The first is alerts. When we see anything that a health organization needs to take action on, we issue those alerts, and they're tim