Mr. Speaker, one concern New Democrats have raised is the one-size-fits-all approach. This bill would lump together banks, telecoms, nuclear facilities and energy co-operatives under a single compliance framework. All of them would face the same 90-day timeline to stand up cybersecurity programs, no matter their size or capacity. For large corporations, perhaps this is feasible. For small operators or co-ops, it could be impossible.
Should compliance obligations not be tailored to the realities of different sectors?