National Defence committee  In some cases, there's a close relationship between the state apparatus and some of these cybercriminal organizations.

National Defence committee  Maybe Alia can take the first part of that.

National Defence committee  In the meantime, I can address the second part of that recommendation, which was defending government systems.

National Defence committee  We are constantly monitoring government systems. We are updating them with the latest threat indicators. We work closely with SSC and with Treasury Board on making sure that government IT is very well protected. Also, as a result of the NSICOP recommendation, we are working wit

National Defence committee  Thank you for the question. No, we don't get tipped off by the Privacy Commissioner. Businesses have an obligation to report to a number of bodies. Sometimes it's the Privacy Commissioner. Sometimes it's regulatory bodies. We reach out as soon as we hear of an incident. We alway

National Defence committee  We are made aware of incidents through a variety of means, media being one of them, but we also have partners who tip us off. Sometimes the victims themselves reach out to us to inform us that they've been a victim of a cyber-incident. We are aware of victims through a number of

National Defence committee  I'd like to add a couple of things. We belong to a number of communities that share information for the purposes of cybersecurity. The Five Eyes partners share a lot of information. At a more global level, we share information with computer emergency response teams all over the

National Defence committee  Thank you for the question. The assessment that we've reiterated in our most recent national cyber-threat assessment is that those four countries—Russia, China, North Korea and Iran—continue to pose the greatest strategic threat to Canada. As far as non-state actors are concer

National Defence committee  Thank you for this question. We have called out those four nation-states in our third national cyber-threat assessment. They have a variety of motivations to go against Canada by targeting Canadian individuals, by compromising some technology through worldwide campaigns, by tar

National Defence committee  Thank you. No, actually, I meant that we are investing in retention and making sure that we continue to be an employer of choice: to provide our staff with an environment where they can thrive, with the training opportunities they need. We are also, on retention—

National Defence committee  Thank you again. We're constantly hiring. The demand on our services is growing. We are busy hiring as much as we can.

National Defence committee  Thanks for the question. I'll take a first stab at it and maybe turn to my colleague Alia for a follow-up. Before the invasion of Ukraine started, we had been communicating to our partners the threat of Russian cyber-activities. Russia is a formidable cyber-actor, and we have be

National Defence committee  Each department has a departmental security officer. We have a community of those who meet on a regular basis. Treasury Board is the policy arm of our community. We would work with them to ensure that the information is promulgated as much as possible, but we don't go and audit d

National Defence committee  Thank you again for the question. I think departments know how to reach out, whether it's to Treasury Board or to us, if there is any clarity being sought on what is the proper classification of information. I personally have been in a number of conversations where we talked abo

National Defence committee  Thank you again for the question. I would defer to PSPC on anything that has to do with contracting. Our role is very much to review the security architecture sometimes, and we would work with them. Departments have the responsibility to do the SA and A of their systems. They r