Refine by MP, party, committee, province, or result type.
Public Safety committee Yes. We actually have that opportunity. I've been involved in giving feedback to Algonquin's program in the past. There's also Willis College. We've talked to them. They have a program, and I've given feedback on how much cybersecurity is in there, on what should be in there, and
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee I can think of a few key differences. One of them is that it's like a dam bursting. In cybersecurity in Defence, they are just waiting to move from what's called “defence” to “active defence” to “cyber-offence” as the legislation gets moved forward, because it's a critical enable
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee Yes, we are seeing that issue. For commercial clients, they're much more flexible. If your company has the right reputation and if you have the right people and skills, you can get those cyber engagements. We do a lot of security assessments and design and cloud security work. Th
April 10th, 2019Committee meeting
Steve Drennan
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee Not that I'm aware of, but Germany and Europe tend to have a lot more legislation around this. With GDPR and other standards, you might see it there. I'm not a hundred per cent sure.
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee I would say that the other thing, though, is that there are too many passwords, too many different passwords. How many systems does everyone in this room have that they log into just at work? You can actually have a lot of those passwords synchronized, and then make it two-fact
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee We are not as ready as we need to be, but we're not at zero. I would say that, unfortunately, it might vary a lot depending on which group you're looking at. For instance, at the Canadian Centre for Cyber Security they're focusing on analytics and the sharing of indicators of com
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee Yes, that's at the core of what is very important to ADGA. ADGA is led by a female CEO. We're very proud of that and of our proud Canadian history and diversity as well. We invest heavily in co-op programs and bringing in people who have emerging skills to get them into cyberse
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee Good. I'm glad I get to talk more about it. I don't think there are a lot of standards. When I look at the Treasury Board guidelines and MITS and its requirements, it's not very clear. It doesn't really define what you have to do to train users and to provide a lot of cyber guida
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee Has phishing been covered?
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee Spear phishing is more accurate phishing. If it looks like the Hon. John McKay is sending a message to all of you and he tells you it is urgent and you have to click on it, you may think about clicking on it because it looks like it's coming from John McKay.
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee Well, it was one example. If it looks like it's coming from a position of authority and looks like it's your style of writing and mentions things that are typically in the messages you exchange, it would seem more likely that you should just click on it. They can use pressure. We
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee Yes. I think there are two points in here. There's the cyber-awareness training and the passwords, so we'll talk about both. For the passwords, yes, there should be more standards. They're actually easily set by policies. You should set more policies on it. That can be mandated
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee Thank you. On the last point about capability, something that could be introduced on scale, as we were talking about in this theme, could be supply-chain and life-cycle management. CSE, the Communications Security Establishment, which also has the cyber centre, used to run a pro
April 10th, 2019Committee meeting
Steve Drennan
Public Safety committee All right; I'll move faster. The third theme would be about establishing a lot more trust around critical data. The banking and key banking groups could actually become the trusted single source for registration, authentication and credentials. My fourth theme is about user awa
April 10th, 2019Committee meeting
Steve Drennan