Committee
Consult the user guide
For assistance, please contact us
Consult the user guide
For assistance, please contact us
Add search criteria
Results: 1 - 56 of 56
View Gerry Byrne Profile
Lib. (NL)
Mr. Bruce, you've answered my question. It's approximately six years out before we complete that. Would this transformation, the consolidation, moderately improve security of the federal government systems, significantly improve the security of the Government of Canada systems, or how would you describe it?
View Gerry Byrne Profile
Lib. (NL)
Thank you, Mr. Bruce.
Is the current environment of cybersecurity a dangerous one? Would you categorize it as that?
View Gerry Byrne Profile
Lib. (NL)
May I ask, Mr. Chair, why we're taking six years to do this? If the security environment is very serious, if it's very significant that we have identified issues and problems, that a solution would be to consolidate security systems' digital communications within the Government of Canada, given the fact that we have a whole host and range of new threats emerging all the time, my question for the witness is, why take six years to do this when Canadians' privacy and interests are very vulnerable?
View Gerry Byrne Profile
Lib. (NL)
Mr. Bruce, nobody here has any doubt about that whatsoever, that you're taking it seriously. What I am concerned about, however, is that if a threat is serious and significant and we have a solution in mind, is it a budgetary issue? Why is there a six-year delay in completing this? There's nobody here doubting whatsoever that progress has been made, but the question I pose to you and to the department is, why six years? Is it a budgetary issue? Is it an issue of will? What is it?
View Gerry Byrne Profile
Lib. (NL)
Given that the Government of Canada has lapsed security funding, significant amounts of security funding, what you've indicated to the committee is that if you had additional resources you may be able to speed this process up. Would you be able to outline for the committee any particular plans or requests you've made for additional resources to be able to speed this up that you have not been allocated?
View Joyce Murray Profile
Lib. (BC)
Thank you for this fascinating presentation and discussion.
Just to follow up on Mr. Daniel's question about cybersecurity strategy, you did say that our other Five Eyes partners have a more coordinated cybersecurity approach. Is that through a national cybersecurity strategy? Is that something you think Canada should work towards having?
View Joyce Murray Profile
Lib. (BC)
Would you have a national cybersecurity strategy with some sectoral aspects within it, or would you have a military or defence cybersecurity strategy and a commercial or civilian cybersecurity strategy?
View Joyce Murray Profile
Lib. (BC)
You said that none of these technologies you were talking about existed five years ago. Technologies expanded faster than the ability of laws to address them. We know the law that created a legal framework for CSE was written in 2001 and not a period or a comma has been changed since then.
I'd like you to comment on whether updating the laws governing CSEC would be an integral part of proper security strategy.
View Joyce Murray Profile
Lib. (BC)
I have questions on two other areas. I'll be as quick as I can.
The Homeland Security agency's deputy director has declared that embedding privacy and civil liberties into the programs and activities of Homeland Security is essential to strengthening it and making it more effective. In other words, respect for privacy and effective security is not a zero-sum game. You actually have the better of both if you properly embed privacy into the organization. Would you agree with that approach?
View Joyce Murray Profile
Lib. (BC)
In other words, some proper addressing or updating of CSEC laws to improve the embedding of privacy would actually strengthen CSEC.
View Joyce Murray Profile
Lib. (BC)
Okay. Thank you for that.
Our other Five Eyes partners have this kind of coordination across agencies and we don't. Along with that, you just commented that these things are in silos. There has been a comment—and I agree, actually—that not having a parliamentary committee looking at all of the departments and agencies that deal with security and intelligence is partly why we have these silos.
In the countries that do have that—i.e., all of our Five Eyes partners—that committee of parliamentarians empowered to do that through security clearance can actually identify where there are gaps, duplications, and a lack of interoperability. It's like having the RCMP on the same channel as House of Commons security. That's part of why they have a coordinated place in the other countries and we don't, so there's a lot—
View Joyce Murray Profile
Lib. (BC)
I'm going to ask about a different set of issues.
Mr. Robertson, you mentioned, I think, the key aspects of defence: land, sea, air, space, and cyber. In terms of defence of Canada and defence of North America, I want to ask a bit about cyber.
There has been some controversy recently that Communications Security Establishment Canada has been tracking Canadians through their IP addresses as part of creating a framework for analysis. Also, there has been some concern that there are large amounts of data that are being gathered by the government without warrant, and potentially under ministerial authorities. There's also controversy that there is not really a mechanism that's accountable to the public through Parliament for the activities of CSEC.
In our attempts to have a good balance between information privacy, so people don't feel that Big Brother is watching over their every move, and having security so the kind of intelligence gathering that we need to do for real security needs can happen, are there improvements needed in reporting and in authorization?
What are the pros and cons of allowing this system now that is so much an outlier compared with the other five eyes, in terms of no need for a warrant and broadcast authorizations and lack of clear accountability to the public?
View Scott Andrews Profile
Ind. (NL)
View Scott Andrews Profile
2014-05-06 11:38
Thank you very much, Mr. Chair.
Commissioners, welcome. It's a pleasure to have you back here again.
Ms. Bernier, I'm going to start with you. Your office never knows the next thing that's going to be thrown at it. The world is changing. You may have three or four different files thrown at you at one time.
I have a question about a recent file that's been thrown at you and about how you're managing it. It's the Heartbleed privacy breach. Obviously we're just starting to learn a little bit about this. Is this something that's going to consume a lot of the resources in your office right now? If we were to have another case similar to that, how much of your office's resources would be taken up to deal with this one particular issue?
View Gerry Byrne Profile
Lib. (NL)
Minister, you opened your discussion with us with a reference to the Heartbleed vulnerability and the impact it had on the federal government and its operations. You indicated that there was a breach of personal data, which the RCMP is now prosecuting as a criminal offence.
Minister, you indicated that Treasury Board is concerned about the Heartbleed bug and suggested that the committee should be concerned about it. You may be aware that there was a motion before this committee to study the Heartbleed vulnerability; I put forward a notice of motion that there be a discussion on that motion.
You will notice that there is no discussion pending on the Heartbleed vulnerability scheduled for this committee. You will also notice that there is a majority of Conservative members who sit on this committee, who direct the activities of the committee. I can't be any more open than that, but I'm sure you can connect the dots.
Since there are no scheduled hearings on the Heartbleed vulnerability by one of the government operations oversight committees that you feel should be concerned about it, could you outline for the committee what departments and agencies and organizations with OpenSSL architecture were shut down while this vulnerability was being investigated? Can you inform the committee whether there are any investigations now under way concerning breaches of personal privacy that may have not yet led to arrest or conviction but are now under way as an investigation?
View Joyce Murray Profile
Lib. (BC)
Thank you for your presentations before the committee here.
I have a big question in my mind as to how our study of the defence of North America can really focus so that we can do justice to some of the big issues that are imbedded in that.
It sounds, Ms. Sloan, like you've identified what you see as the top two issues for the defence of North America as being cyber-security and the Arctic, the north. When you talk about moving beyond our issues with the United States, having better collaboration with them, and partnering to address the funding cuts in both countries, are you suggesting that it would be through NORAD and the next phases in NORAD, or would NORAD just be one tool for that?
View Mauril Bélanger Profile
Lib. (ON)
I want to go back to the security side of this.
Mr. Cumming, you flashed four names out there, Target being one of them. I hear that 25 million of their customers had their personal information hacked—who knows what has happened to it—and a few others.
Which security recommendation is your priority? Perhaps you could answer that quickly, because I have another question about that for each and every one of you.
View Mauril Bélanger Profile
Lib. (ON)
I'll stop you there, because I have only a couple of minutes.
The one concern I have, and I think it's shared by many people in North America, not just in Canada, is that when we hear that NSA has gathered information through Google, Apple, and so forth, what's to say the same thing has not happened in our country? There's a double concern here about hackers and safety, and of course about who gets the information that is supplied to banking and other financial institutions.
The question I wanted to get to is this: Is anyone currently using quantum computing techniques for security? This is directed to anyone.
View Mauril Bélanger Profile
Lib. (ON)
So you know what I'm talking about.
Mr. Hugh Cumming: I do.
Hon. Mauril Bélanger: Will you be considering that use?
View Mauril Bélanger Profile
Lib. (ON)
Is no one else into that at all yet?
A voice: No.
Hon. Mauril Bélanger: Has our financial consumer protection agency been into that as well?
View Emmanuel Dubourg Profile
Lib. (QC)
Do I have two minutes? Okay.
Thank you, Mr. Chair.
My third question is to the representative from Rogers.
Mr. Roberts has just spoken about how the risk to the system is more and more digital. According to your brief, the profit margins for retailers are very slim, and it is important that this system not require new investment in equipment.
Does the fact that we are told that the risk could be higher confirm your opinion that this will lead to increased costs for retailers, particularly given that margins are already slim when it comes to credit cards?
View Scott Brison Profile
Lib. (NS)
It is a significant issue, and the degree to which you collectively can address it is one that is important to the small business community in Canada.
Martha, you said in your presentation, or we read in your presentation, that consumer profiling is a concern to some customers, but not to others. For consumers who are concerned about this issue of profiling, how do you inform them of the risks inherent in mobile payments?
View Gerry Byrne Profile
Lib. (NL)
Thanks, Mr. Chair.
My question is to the Auditor General.
Mr. Ferguson, would you be able to describe the value of action plans to Parliament, and to you as an officer of Parliament, in reviewing progress on a legislative audit?
View Gerry Byrne Profile
Lib. (NL)
Thank you very much.
In your opinion, would it be true to say that whether a department was a principal focus of an audit, or part of an audit but not necessarily a number-one priority—for example, there were approximately 13 departments that were included, that were touched by this particular performance audit.
Would it be valuable to Parliament and to you as an officer of Parliament if each and every department that was a subject of the audit tabled an action plan in response to a legislative audit?
View Gerry Byrne Profile
Lib. (NL)
The action plans, I understand, were released just recently, but it was indicated from Public Safety that an action plan was released last week.
Mr. Guimont, was the action plan that was tabled before the committee today identical to the action plan that was released last week?
View Gerry Byrne Profile
Lib. (NL)
Thank you very much, Mr. Guimont.
One of the issues that was flagged for me is that a parliamentary committee receives a two-page action plan so that Parliament can hold the government to account on a critical issue like cyber-security. But what has been issued by the department for public consumption was—I assume as a communications method—a more comprehensive action plan, and the two don't seem to mesh for me.
What's tabled here is an item of record before a parliamentary committee, but what you're telling us is that you produced a much more comprehensive action plan that was not tabled before Parliament. Still, we're supposed to hold you to that standard. Is that correct?
View Gerry Byrne Profile
Lib. (NL)
With respect, I have to interrupt. You said you issued the comprehensive management plan last week, and you issued the more important action plan to the committee today.
View Gerry Byrne Profile
Lib. (NL)
Thanks, Mr. Chair.
One of the preoccupations of this particular committee and of Parliament is that we hold the government to account. One of the issues that was raised by the Auditor General in the report was a seeming reluctance to identify specific dollar figures spent on cyber-security threats.
The Auditor General did indicate there was approximately $780 million appropriated for various activities, but departments seem very reluctant to actually dig down and define how much of the $780 million was specifically identified and spent on cyber-security. Would you be prepared to provide that information to the committee, Mr. Guimont?
View Francis Scarpaleggia Profile
Lib. (QC)
I think you will find that it probably doesn't mesh with international standards or protocols that the government has signed.
But I want to go to my main interest, which is cybersecurity. The Auditor General, if I recall correctly, Minister, mentioned that your government doesn't really have a handle on how much we're spending on cybersecurity. There are all kinds of envelopes all over the place. In the fall he said, “Look, we just don't know”. Have you been able to improve your accounting? Have you been able to compile some figures so that Canadians know, compared to other countries, for example, how much we're spending on cybersecurity, whether it be in your department or the RCMP or in some other department in the government? Do we have a number right now on how much we're spending annually on cybersecurity?
View Francis Scarpaleggia Profile
Lib. (QC)
I understand. But it would be good to have a collective number for the government, since the government is an institution in and of itself.
Are we spending enough on cybersecurity? Countries such as the United States are spending, proportionately speaking, much more than we are. There was an article today in the paper talking about a digital arms race to deal with the new threat of cybersecurity. Compared, for example, with the U.K., we're spending proportionally much less. We are spending proportionally much less than the United States. It leaves us all to wonder whether we're really putting sufficient focus on this issue.
The Auditor General said, for example, that the Cyber Incident Response Centre was not operating at full capacity. You must have known that, as the minister; you must have visited the centre, and they must have told you how many hours they were operating. I don't know why it took the Auditor General's report to alert you to the fact that the centre was keeping bankers' hours.
But the broad question is, how do we know that we're spending enough on cybersecurity? We haven't had a public discussion about this, and the committee hasn't looked at the issue. How do we know that we're taking the issue seriously enough, when this is becoming the key international security issue, it seems?
View Francis Scarpaleggia Profile
Lib. (QC)
I would reiterate that there was no cyber-strategy before this government because, as the minister said, the issue cropped up rather quickly. The government's been in power so long that we were using UNIVACs at the time, but anyway....
Some hon. members: Oh, oh!
Mr. Francis Scarpaleggia: Mr. Head, how much will we be spending on mental health programs in your system in 2013–14 versus the fiscal year ending and the fiscal year before? What's the trend? Are we spending more? What are the increases like? Are we spending less or the same?
View Wayne Easter Profile
Lib. (PE)
Thank you. It's a pleasure to be here, Mr. Chair.
Thank you to the witnesses.
I take it from what you said that this incident is not what you would classify as a security breach.
View Wayne Easter Profile
Lib. (PE)
You say it's more of a threat on an individual. As far as CSE goes then, you really don't have any role in the investigation. It would be more the RCMP or maybe foreign policing agencies. When you're dealing with the Internet, it's certainly not just a domestic issue.
Would that be correct?
View Wayne Easter Profile
Lib. (PE)
On the YouTube video and the Vikileaks—a number of incidents surrounding this minister—part of it relates to the lawful surveillance bill that is being proposed and I gather is now on the back burner.
From the public perspective—you may be able to help us out in this area—there is a lot of concern about Big Brother. Privacy is almost a thing of the past. There is a lot of concern about big government, Big Brother, so to speak, finding out a lot of information on individuals either through the Internet system or other means.
How do you see finding the balance in that regard? I know very well there is the need for the role you play in terms of security of our IT systems from afar, and there is the need within the country for security and privacy. On the other side of the coin, there are people's privacy concerns that they want to protect.
How do you find the balance in this new age?
View Wayne Easter Profile
Lib. (PE)
There is always the fear of people, though, that they're being spied upon. Certainly there's the incident with this minister and what seems to be a threat. But what I find, and I think probably many members around here would be of the same opinion, is that in the Internet age there's an article in the newspaper, and then in the comments section a lot of the comments that come in could almost be considered as hate mail.
I think that's becoming a serious problem. I don't know, Mr. Chair, how we're ever going to get around it, because people are allowed to send letters in to the comments sections on the Internet using false names. I think that if you have to sign your name to the article, you're less likely to make some of these outrageous comments that are being made against a person or in opposition to a policy issue.
I know this is not your area, but do you see problems in that regard? How do we start to get a handle on what I'm seeing increasingly as almost hate? It can develop on issues, but individuals are being attacked in the comments sections to the point that I hardly ever read them. It's an increasing problem.
Do you see that from where you sit?
View Wayne Easter Profile
Lib. (PE)
I understand that, and there's no question that it's huge and evolving. But whereas at one point in time people had to sign their names.... I know they sign their names somewhere, and then they use this nickname.
The reason I raise this question is that in terms of this threat we're dealing with—Anonymous, whom we do not know even—each and every one of us who are not ministers but who take policy positions because it's part of our job, increasingly faces hate mail because the people who are writing the letters do not have to sign their names.
In your experience, are there any countries or any laws anywhere that try to get around that issue? I think it's escalating and that it leads to outrageous statements and outrageous attacks upon individuals. In this case it's an outrageous attack on the minister by Anonymous, but this isn't the only instance. I think all of us around here.... Somebody takes a dislike to something we said and then goes on a rampage. And in the comments section they go for the jugular, and it's nearly hate.
View Wayne Easter Profile
Lib. (PE)
Thank you, Mr. Chairman, and thank you to the witnesses.
Mr. Albrecht, in his questioning, read some of the threats from YouTube. He basically implied in that question that asking for a minister's resignation should be seen as a threat. I would hope not. I think I've asked for some and I don't want to walk out of here in handcuffs.
I don't see asking for a minister's resignation as a threat, not in any way. I think we've asked for a few.
Also, in your statement, you said that the minister has asked for an investigation. In your remarks to us, Assistant Commissioner, you said, and I quote:
If a minister or a member of Parliament feels their safety and security is in jeopardy, they should report it to the RCMP or the local police of jurisdiction.
Did Minister Toews ask for such police protection?
View Wayne Easter Profile
Lib. (PE)
So we can't determine whether or not Minister Toews has made the request.
I'm well aware of protection for ministers in the past.
So you can't tell us. We know Minister Toews has made the statement to the House and that's why this committee is discussing the issue, but you can't tell us whether or not Minister Toews requested security as a result of this.
View Wayne Easter Profile
Lib. (PE)
Okay. Thank you.
It seems to me that in the evidence presented previously, and by both your groups, the various agencies are set up to deal more with threats to the system. Certainly the RCMP is set up to deal with threats to individuals, and that's your judgment call.
But is it fair to say that all the various security apparatus and various agencies we have in terms of this Internet age are set up more so to deal with threats to the system as a whole rather than to individuals? We are dealing with different circumstances in the way that this threat came forward.
Mr. Gordon.
View Wayne Easter Profile
Lib. (PE)
In your remarks, Mr. Gordon, on page 2 in the English copy you said that the CCIRC is responsible for helping to mitigate, respond, and recover from incidents affecting vital systems outside the federal government, and you emphasized the word “outside”. What about inside the federal government? What happens there? Why did you emphasize the word “outside”?
View Wayne Easter Profile
Lib. (PE)
And you also talked about your response to cyber-events. I'm going to run out of time, so I'll ask two questions at the same time, Mr. Chair.
In layman's terms, can you give us the process of how you respond to those cyber-events in terms of attacks on the system, trying to mine data, trying to misrepresent, misinformation, or whatever?
My second question is really to the RCMP. If, in this case, Anonymous is identified and is found to be just south of the border or outside the country somewhere, what's the process? How do you, then, get at the individual in terms of charging them with a crime and getting them to face the consequences of that crime in this country, when it happens over the Internet, outside the country?
So there are two questions, one to Mr. Gordon and one to the assistant commissioner.
View Marc Garneau Profile
Lib. (QC)
Thank you, Mr. Chairman.
Thank you for appearing today, Minister.
It is very clear that you were threatened. It is very clear that what was done was totally unacceptable. I certainly would not want that to occur to me.
When the Speaker ruled, he invoked Speaker Lamoureux's ruling of 1973. It was a totally different world at that time. It doesn't invalidate anything—the ruling is his ruling, and I respect that—but it was a totally different world. I don't think Monsieur Lamoureux could have imagined the kind of world we live in today, where unfortunately ministers who present legislation can sometimes be criticized.
From a practical point of view, the question that I'm still trying to ask myself is what this committee is going to do. I perfectly understand your point of privilege and I would have done the same thing myself, but I'm scratching my head as to what we can do as a committee when one considers that the Anonymous threat that was made against you came through a YouTube video, which is available to anybody on this planet to make. Over and above an investigation by police authorities, which I think is the right thing to do in each case where it may occur, what is it that you are hoping, in practical terms, this committee will do so that in future this kind of thing is not going to occur?
We talked last week with the Clerk. A lot of the talk went into the subject of hacking into people's accounts and things like that, but really had nothing to do with your specific point of privilege, which was based on a YouTube video, which anybody create. The reality is this is going to happen again. It's going to happen to other ministers at different times in the future. What can we do, other than get the police onto it?
View Marc Garneau Profile
Lib. (QC)
Thank you, Mr. Chair.
Thank you, Professor Franks, for being here.
Am I correct that in your opinion it wasn't entirely clear to you that what Anonymous said on YouTube was of an offensive nature versus a threatening nature? Did you speculate and say that you weren't sure where it was located?
View Marc Garneau Profile
Lib. (QC)
It's an interesting thing. I'd like to explore it a little bit more, because I think it is important to establish whether the minister was merely offended or whether he was threatened. Did you see the video or read the transcript?
View Marc Garneau Profile
Lib. (QC)
I'd like to bring up that dimension, because an important element here is that sometimes when something is presented visually, it can be far more powerful in its impact than something that is merely on paper, the exception being Stephen King novels, which scare me just as much when I read them as when I see the movies.
In this particular case, I get offensive tweets on a regular basis and I recognize them clearly as that. I get offensive letters occasionally, and I recognize them as such; however, when I looked at this video, I found it threatening.
I don't know if I would have found it threatening reading it, but I certainly found it threatening looking at it, the reason being that, first of all, you had this character with a mask who was speaking with an artificial voice and was basically saying things to the minister that in my opinion were clearly of a threatening nature. I think that is an important element here. I bring it up because I'm not sure we want the RCMP investigating something that's merely offensive, but we definitely want to get the RCMP investigating something that's threatening.
I'd like to have your views, please.
View Marc Garneau Profile
Lib. (QC)
Thank you, Mr. Chair.
I would also like to thank the guests who are with us today.
In short, the Speaker recognized that there was, on the surface, a question of privilege. I am certainly not calling into question the decision that was made. It led to the following motion:
That the matter of threats to, interference with, and attempted intimidation of, the honourable Member for Provencher be referred to the Standing Committee on Procedure and House Affairs.
Frankly, I have been scratching my head since March 6, since the decision. I most certainly respect it. When I spoke, I said that it was important for the RCMP to be involved immediately because there had clearly been a threat. We all recognize that it is criminal and despicable. I've been wondering what else we can do.
You may have summarized the situation well by saying that being threatened from time to time is inherent to our profession. The Prime Minister, for example, is always physically surrounded for his protection.
We also know that on occasion ministers have had to be provided with protection because of a particular bill. It's in the nature of our business, and I believe I tried to make that point when I intervened before the decision was made. It goes with the job, in a sense, and it's something that we, and particularly cabinet ministers who bring forward laws, have to be aware of and accept.
So what can we do in these circumstances? You suggested awareness that these things can happen to us, and protecting access to our Internet materials, and that kind of thing.
By the way, I was hacked yesterday on my Twitter account. I must have been tired, but I was pulled in by probably a very old trick and realized that people are out there doing this kind of thing. That is something we should be more aware of; there's no question about it.
It seems to me that you are also saying we can react to individual cases and see what we can do and what the appropriate measures are. But at the same time, to some extent this goes with the job; while we want to protect members of Parliament as much as possible, we cannot provide a magic bullet here.
If Anonymous, for some miraculous reason—and I doubt that this will be the occasion—were to be caught and disbanded, there will be others. There are the OpenMedias and the Leadnows that make you aware that they are not in agreement with what a government decides, but they do so democratically; then there are the Anonymouses. But there will be lots of them, and that's the 21st century.
So what can we do—I'm asking the same question everybody else has asked—other than educate ourselves and be very careful?
View Marc Garneau Profile
Lib. (QC)
Thank you very much.
My one question I guess is based on my ignorance. Is there any gatekeeping done of any kind with respect to YouTube? Can anybody post anything and it is not monitored or checked to see whether it breaks the law in any way? Is there any discussion internationally about having those kinds of standards before something can be posted as a YouTube video? Or is it a wide-open wild west?
View Marc Garneau Profile
Lib. (QC)
The question was not specific to Parliament. It was just applicable to the whole planet, really. It was really more of a general nature--anybody out there, not Parliament specifically. Do you know whether checks are put in, or can anybody post anything they want?
View John McKay Profile
Lib. (ON)
You're very generous, Chair. I thank you for that.
Just a quick one on cyberspace. If anything came out of our little tour, it's something that we don't.... What we're thinking about seems to be so low-level that either there's higher-level thinking going on and they are not telling us, or we're way behind the curve on this. That puts it in the context of the Chinese stealing Nortel's secrets for the last ten years, or that apparently the Chinese have penetrated Lockheed Martin and may have contributed to some of the delays in the development of the F–35.
I'm interested in your thoughts.
View John McKay Profile
Lib. (ON)
Thank you, Chair, and thank you to all of you for your thoughts.
I want to start with Dr. Skillicorn's comment that “organization matters”. Your comment was that the Brits got it right by accident—namely, that they had their signals intelligence, and their cyber-security kind of fell into the same pot, so they've carried on doing what they do. I don't know—possibly you have an opinion on this as well—how effective they are in the area of cyber-security.
On the other hand, the three gentlemen to your left have--fairly, I think--a castle model of security, namely, “These are our borders, this is what we have to protect, these are Canada's interests, and this is how we're going to go about readiness to protect those.”
You then made a comment to the effect of, “We don't even know where some of the stuff comes from, we don't know who does it, and we don't know why they do it, but it just sort of appears.”
The question, in the context of readiness, is should cyber-security be housed with the military?
View John McKay Profile
Lib. (ON)
Is that a military mindset? Is that a military training?
We've been at RMC. We've been to the folks in Toronto. It seems to me to be kind of leading edge here. Is this a cultural antithesis to the military way of thinking? I guess that's the question I'm asking.
View John McKay Profile
Lib. (ON)
I'd be interested in the academics' response to Dr. Skillicorn's issue, because it does strike me as a bit of a contradiction. I'd be interested in how, in effect, particularly at RMC but also in the graduate programs, you are educating our military folks, the best and the brightest, for the anticipated cyber-warfare, which is borderless. Sometimes you can't even locate where the threat is coming from.
View John McKay Profile
Lib. (ON)
No; I suppose you're kind of the last resort. So instead of just sort of organizing it by default, should CF say, “Okay, we're taking the lead on cyber-warfare”? In which case, then, that is a huge mentality change for warriors, for want of a better phrase.
Dr. Sokolsky.
View Geoff Regan Profile
Lib. (NS)
Thank you.
Perhaps, as I ask other questions of you, Mr. Cochrane and Mr. Paterson, you may also have answers on some of the legal barriers that you see.
First, Mr. Paterson, we saw in Canada a very quick adoption of debit cards, much quicker and much wider than in the U.S. It's interesting to ask, are we already behind in e-commerce adoption in terms of...? Are we going to be quicker than the U.S. in adopting things like M-wallet? These are interesting questions.
Also, one of the phrases you used was that e-commerce translated data into intelligence. I think that for a lot of consumers, that's exactly the worry that they have. For instance, I forget who mentioned it, but on your smart phone, along with information about your bank account or credit card accounts, you'll also have other information, such as your licence. Here I mentioned several accounts, as you're probably going to have more than one account, because I can't imagine the technology not being invented to provide for several different credit cards or bank accounts being on the same phone.
Obviously we're aware of, and have even seen this year, major companies being hacked into and the private information of Canadians being accessed and stolen. How can Canadians be assured and comfortable with this, so that we can see e-commerce moving forward? How can we see people being more comfortable about the security of these systems?
View John McCallum Profile
Lib. (ON)
Let me change the subject.
You have spoken about your commitment to greater accountability and, in the throne speech, to greater openness. I'm talking about this hacking into the Treasury Board and finance department computer systems. I understand this happened five months ago, or for five months many of your employees have not been able to access their computers.
This strikes me as a very serious matter, and CBC reported that the cost of fixing it could be as much as a billion dollars. I have no idea whether that's true, but it seems to me you have said very little or nothing about this situation. The parliamentary secretary to the Prime Minister was on a TV show with me recently, and he could not commit to Canadians that their data was secure, whether it's health information, tax information, or whatever their private data. I think that's an extremely important matter for a government in 2011, and I think we have heard very little from you.
What can you tell Canadians about the safety of their private data, what you are doing to fix the situation, and how long this will take? We're out here knowing nothing about what is going on, and I do not think that is acceptable.
View John McCallum Profile
Lib. (ON)
Thank you.
Perhaps I could return briefly to where I was before: computer issues. I find it not very satisfactory when everybody I ask says the same thing, whether it's you, Madam Secretary, or the minister, or Dean Del Mastro. Everybody says they take this matter very seriously. Well, I should hope we take this seriously, but that's not the question.
Can you guarantee the security of Canadians' private information? What is being done to fix this? How long will it take to fix it? What will it cost? Those are the questions. I assume you take it seriously.
Results: 1 - 56 of 56

Export As: XML CSV RSS

For more data options, please see Open Data