New regulations often drive the cybersecurity debate. In Canada, Bill C-26 lays the foundation for regulation and standards for critical infrastructure - nevertheless, many manufacturers continue to not have the regulations applied to them, or alternatively, see the regulations as not going far enough.

This session will explore what should be in a regulatory framework for tomorrow, and it will ask: Does Bill C-26 go far enough to include our manufacturers? If not, what should be amended? Should we have more regulatory frameworks? What should be included in these frameworks when it comes to manufacturing? How do standards such as NIST and CISA help provide guidelines despite a lack of legislation? What standards and regulations should we follow from other countries and regions in light of a lack of domestic legislation?