Public Safety committee  Well, we're moving away from email. That's more for productivity reasons. Email is not necessarily being used for what it was created for. There are things such as Slack and other tools that can create more efficient conversations. Earlier we talked about user awareness. People

Public Safety committee  In our cybersecurity team in the organization, we have a lot. We have the ability to hold and process top secret information. We have classified environments. We all get top secret clearance and these extra clearances that we were just talking about. We do that because it enables

Public Safety committee  No, creating more consistency.

Public Safety committee  So that all government departments can have the same clearance. If an entity or a person is trusted to a level of information or a caveat of information, they should be trusted equally wherever they go. They shouldn't need different clearances for different organizations inside C

Public Safety committee  Absolutely.

Public Safety committee  I think the interesting way to look at artificial intelligence—hopefully it's not one of those bad movies that we've seen—and the way I've seen it being deployed now is that it can assist the operators. So when you have a security operations centre and you have operators who are

Public Safety committee  You can feed them everything; just don't let them press the button on everything.

Public Safety committee  Thank you.

Public Safety committee  It's a really key point. I just didn't have enough time to go into it too much, so thank you for the opportunity. We all trust when we walk into a bank, and we all trust when we walk into the Bank of Canada, or one of these trusted places like the Department of Finance. That is

Public Safety committee  The main thing would be that the bank would play a role called a “registration authority”. The bank doesn't have to have the data. I think you've been briefed on tokenization. The data wouldn't have to be held by the bank; the bank could be the enabler of saying, “You are who y

Public Safety committee  Yes, I am in favour of using secure public cloud. That would mean large data storage, but the ability, then, to detect attack correctly when it's happening and protect the data better. In terms of protecting that data, there are lots of mechanisms that can be used. For example,

Public Safety committee  I'm speaking from some first-hand experience, but it's probably because PKI, or public key infrastructure, can be a bit of a big hammer in actually deploying certificates. Then what assurance of certificates are you deploying, and are they proprietary? S/MIME was very good, but

Public Safety committee  I don't think the discrepancy is the issue. I think the issue is time. Now you're losing a year or two years sometimes before you can get key people in on engagements. For some of the cyber knowledge you want, you could take a group of people—I think we talked about how people ca

Public Safety committee  Yes and no. I think we can go to the Five Eyes community and get a lot of that talent and have comparable clearances, but yes, we should also look at extending to other countries. How do we have a fast track clearance process from other countries so we can trust individuals for i

Public Safety committee  Yes.