Public Accounts committee  We provide the controls to make sure they could be equivalently secure, but then at the same point in time you have to look at staff and skill set and having the availability, and perhaps some of the scale that cloud providers might have to apply to the problem. It's more of an o

Public Accounts committee  Certainly, we work very closely with our Five Eyes alliance. We have a very good understanding as to what they're all doing. At the same point in time, as a cyber centre, we work with like-minded allies around the world, as well, and try our best to learn from their best practi

Public Accounts committee  Obviously, we do a lot of information sharing and help each other out. That's very important. I think, from a government perspective, we're fairly well positioned, in terms of how we have built up our ecosystem. We'll continue to learn in the critical infrastructure space as we g

Public Accounts committee  From a cyber centre perspective, budget 2022 did provide a significant amount of money to CSE.

Public Accounts committee  From a cloud perspective, a lot of the monitoring we do is directly proportional to the transition or migration of departments to the cloud. As the departments migrate to the cloud, our needs will potentially grow, but currently we are able to monitor....

Public Accounts committee  No, I would say that's not correct. It might have been a reference to cloud-based sensors, which is kind of our definition; we made up the term—

Public Accounts committee  —so it's probably easy to say. At the same point in time, we haven't seen the analogous type of capability through the partners we work with, so I would caveat it as such.

Public Accounts committee  Basically, one of the guardrails, which is very important, is that as a government entity stands up a cloud tenancy, we have to be baked in from the start to be able to get telemetry. We get log analysis and other sorts of data that help us analyze from the start of the instantia

Public Accounts committee  I'm sorry. What was the threat that was high...?

Public Accounts committee  Oh, we've seen a high level of threat activity against the Government of Canada. Risk is different from activity. What we have seen on an ongoing basis, for the greater than a decade that I've been doing this job, is that there is a lot of threat activity against the Government o

Public Accounts committee  You know, we are a prosperous country. We have things that other countries want. We have opportunities for cybercriminals, so I think that is a lot of the motivation. At the same point in time, we want to make ourselves a hard target and bake in the defences we have in order to m

Public Accounts committee  Yes—as we have in the past as well with our cyber-defence services.

Public Accounts committee  The threat against the Government of Canada has been high for a long time. We always talk about the blocks we're doing, as the Government of Canada. In terms of activity, we say it's four to seven billion blocks per day. Those are a lot of reconnaissance activities and other sort

Public Accounts committee  I would agree. The premise of that comment, I assume from the report, was that we had guardrails in place and these sorts of things, but they really have to be put in place and used to have that real-life implementation and a practical result in terms of protecting the system. It

Public Accounts committee  On an ongoing basis, we're assessing the threats to cloud service providers. We're providing threat assessments on those. We're providing advice and guidance for cloud service providers, including for the government and Canadians, in terms of how to secure your cloud systems. On