At KW Habilitation, supporting wellbeing goes beyond the services we deliver. It includes caring for the health of our employees and the people we support, and building strong partnerships that make wellness information accessible, inclusive, and empowering.

♦

On March 6, KW Habilitation hosted a wellness session focused on improving access to breast cancer screening. Thirty one people attended, including staff and individuals supported by the organization. The session reflected KW Habilitation’s ongoing commitment to supporting the whole person and ensuring our team has the information and tools they need to stay well.

The session featured Dr. Neil Naik, a Primary Care Physician and member of the Ontario Breast Cancer Advisory Committee. Dr. Naik provided a clear and practical overview of the Ontario Breast Screening Program. He walked attendees through how easy it is to book a mammogram, what to expect during an appointment, and reminded everyone that screening is free for eligible Ontarians.

Dr. Naik also shared information on other important cancer screenings, including colorectal, lung, and cervical cancer screening. He explained when screening is recommended and why early detection plays such a critical role in long term health outcomes. For employees who support others through medical appointments, he offered helpful guidance on how to prepare for a mammogram and how to support someone during the process. Many attendees were encouraged to learn that all breast screening locations in Waterloo Region are wheelchair accessible, and that individuals can request extra time or arrange a visit in advance.

To ensure the impact of the session extended beyond the room, cancer screening resources were shared with all KW Habilitation employees, allowing everyone to access reliable information and continue conversations about preventative care.

As a small but meaningful reminder of the message, each attendee received a packet of forget me not seeds prepared with the support of Our Farm. The gift reinforced the importance of being part of the TEAM by Telling Everyone About Mammograms and supporting one another in taking proactive steps toward health.

This session was made possible through KW Habilitation’s partnership with the KW4 Ontario Health Team and the Regional Cancer Screening Program, with coordination support from Lorraine Stavenow. Together, these partnerships strengthen KW Habilitation’s ability to promote wellness and ensure that employees and the people we support feel informed, supported, and valued.

Resources:

• Check your Cancer IQ, learn your risk and get a personalized action plan!
• Watch a short video about getting a mammogram at the Waterloo Regional Health Network
• Check out the WRHN breast cancer screening webpage

The post Promoting Wellness Through Accessible Breast Cancer Screening Information appeared first on KW Habilitation.

Organization: Armagh House

Location: Mississauga, ON (Meetings in-person and/or virtual)

Position Type: Volunteer, Board of Directors

Armagh House is a second-stage transitional housing offering safe shelter and programming for women and their children fleeing domestic abuse. Our mission is to empower women and children to rebuild safe, independent lives, while advancing community focused solutions for lasting change.

Armagh House is seeking a passionate and committed individual to serve as Vice President of the Board of Directors. This is a volunteer leadership role ideal for someone with strong governance experience, a heart for social justice, and a desire to support women’s safety and empowerment.

• Support the President in fulfilling board leadership duties and assume the President’s responsibilities when required.
• Collaborate with fellow board members to provide strategic direction and oversight of Armagh’s mission, values, and financial sustainability.
• Act as Chair of board meetings in the absence of the President.
• Serve as a member of the Executive Committee and contribute to board development, succession planning, and governance.
• Advocate for Armagh in the community and support fundraising and outreach efforts.
• Ensure compliance with legal and ethical standards and best practices in nonprofit governance.

• Previous board or leadership experience in a not-for-profit organization.
• Strong understanding of governance, strategy, and risk management.
• Passionate about women’s rights, safety, and transitional support.
• Collaborative, ethical, and committed to diversity, equity, and inclusion.
• Ability to commit time and energy to regular board meetings, committee work, and events.

• Board meetings are held approximately 6–8 times per year.
• Additional time may be required for committee work and special events.

Please submit a brief letter of interest and résumé outlining your relevant experience and motivation for applying to: jannies@armaghhouse.ca

The post ARMAGH House- Board Vice President appeared first on Capacity Canada.

Armagh empowers women and children to rebuild safe, independent lives, while advancing community-focused solutions for lasting change.

Armagh House is the only supportive, transitional housing program serving the Region of Peel, offering safe shelter and programming for women and their children fleeing domestic abuse. Our mission is to empower women and children to rebuild safe, independent lives, while advancing community-focused solutions for lasting change.

Armagh is currently looking to fill a vacancy on our Board of Directors and is seeking passionate individuals with expertise in legal or fundraising fields. This is a meaningful opportunity to contribute to a vital cause and help shape the future of a community-based organization dedicated to women’s safety and empowerment.

• Provide strategic oversight and governance to support Armagh’s mission and values
• Contribute professional expertise, particularly in legal or fundraising areas
• Participate actively in board meetings, committee work, and special events
• Support fundraising, advocacy, and community outreach efforts
• Ensure compliance with legal and ethical standards in nonprofit governance

• Background in law, fundraising, or related fields
• Previous board or leadership experience in a nonprofit setting is an asset
• Strong commitment to diversity, equity, and inclusion
• Excellent communication, time management, and organizational skills
• Willingness to complete a Police Vulnerable Sector Check

• Board meetings are held approximately 6–8 times per year, virtually and in-person
• Additional time may be required for committee participation and events
• Board term is 3 years, beginning May 25, 2026

• Play a key role in a vital community organization
• Apply and grow your leadership and professional skills
• Gain experience in nonprofit governance
• Expand your network in the Peel region’s volunteer and advocacy sectors
• Help create lasting change for women and children affected by gender-based violence

Please submit a brief letter of interest and résumé outlining your relevant experience and motivation for applying through indeed application portal or email to: jannies@armaghhouse.ca

Job Type: Casual

Work Location: Remote

The post ARMAG House appeared first on Capacity Canada.

♦

In September of 1899, the Carnation company launched “Carnation Sterlized Cream.” The company eventually changed the name to “Carnation Evaporated Milk.” It was a good branding and marketing move.

The useful, shelf-stable product that you can find in the baking aisle of your grocery store is simply milk that has had 60 percent or so of its moisture content removed.

What remains is a thick, sweetish compound that has many uses in the kitchen – including make-it-yourself dulce de leche.

The Spanish phrase translates to something like “sweet of milk” or “milk candy,” which is a rich, creamy caramel dessert that is popular in Central America. It can be part of the delicious filling you might find in the popular Argentine sweets called “alfajores,” as in the banner photo above.

You can make dulce de leche at home simply with a pot of boiling water and a bit of time.

There is a quaint myth that a mother in South America was warming a can of evaporated milk to feed her children when she heard the cacophony of horses hooves trampling the valley below her home.

She went to investigate and witnessed a battle that was the beginning of one South American revolution or another. Transfixed by the commotion, she forgot about the simmering can and sometime later, when she opened it, she found “sweet of milk.”

Take a can of evaporated milk, whole or two percent. Puncture the top of the can in two places (on opposite sides) with a hammer and a clean disinfected nail.

Set the can in gently boiling water that covers two-thirds up the side of the can. Let it simmer away for a few hours.

What results when you open the can is a thick, creamy and sweet golden custard that you can pour into a bowl and whisk to incorporate any lumps that may exist.

The preparation has many uses and dessert applications, from a cupcake frosting to a donut filling — or, to simply eat off the spoon.


[Image/commons.wikimedia.org/w/index.php?curid=44938309]

Check out my latest post “Sweet of milk:” DIY dulce de leche from AndrewCoppolino.com.

This post today is supposed to be about Susan Koswan's excellent Opinion piece in today's K-W Record titled  "Water and nature need protection from politics".  Essentially the politics she is describing are the politics of our current Conservative government led by Doug Ford. I am of two minds right now. Or maybe even three or four. Yes Doug Ford and his merry band have been awful for the environment and Ms. Koswan  clearly describes his gaffes, errors and plain bad thinking and behaviour on the environment file. 

Meanwhile back on the first page there is Doug Ford blustering about how a homeowner recently shot one of four home invaders. Four on one in the middle of the night is hardly a fair fight especially as at least one of the home invaders was caught on video with a gun in hand. Undaunted the homeowner shot one of them and they all fled. Doug Ford meanwhile was quoted as saying that the homeowner should have shot him a few more times for good measure.

Doug of course is pandering to the public's discomfort with firearms legislation that essentially for decades has stated that citizens may own guns to shoot unarmed animals and or harmless paper targets that have never attacked anybody. But by God any use of a firearm to defend oneself from physical attack is beyond the pale. Under no circumstances are Canadian citizens supposed to have the right to readily and quickly defend themselves from robbery, assault or worse. Being even blunter I expect that our police, prosecutors and courts will cheerfully advise women that mere rape also doesn't justify shooting someone. For our justice officials that would be a case of using disproportionate force to defend oneself. Well! Let me simply suggest that if any of either Harvey Weinstein's or Frank Stronach's alleged victims had been armed, their criminal activities would have been nipped in the bud.

So I like Dougie for standing up to the stupidity of our judicial system and the temerity of all participants within it to expand the legal rights of citizens to defend themselves from unprovoked attacks. At the same time I am appalled at his biased and self-serving environmental behaviour in this province. He is a one man environmental wrecking machine and needs to be cut down (only at the polls please).

The Environmental Protection Agency and cyber security authorities yesterday issued a stark warning: Iranian cyber actors are actively conducting a critical targeting campaign against programmable logic controllers in U.S. water and wastewater systems. This isn’t a theoretical exercise. These threat actors are actively exploiting these networks to get to Rockwell PLC, exploiting weak or default passwords, and taking control of the very systems that keep our drinking water safe.

The specific devices under attack:

• Rockwell Automation CompactLogix 5370 Series (1769-L series including L16ER, L18ER, L19ER, L24ER, L30ER, L33ER, L36ERM variants)
• Rockwell Automation Micro850 Series (2080-L50E variants)

For facility operators, this is a wake-up call. The methods these attackers use highlight a fundamental flaw in how many utilities approach remote access and network security. Relying on a hardened perimeter while leaving the soft underbelly of the network exposed is a recipe for disaster. It is time to seriously re-evaluate how we implement defence in depth.

Advanced persistent threats rarely break through the front door of your most secure facility. Instead, they look for the path of least resistance. This is often an unlocked window in an adjacent, less-secure network. This technique is known as lateral traversal.

An attacker might compromise a third-party vendor’s laptop or find a vulnerability in a secondary IT system. Once inside that adjacent network, they pivot. If your architecture relies on traditional virtual private networks, that compromised laptop suddenly has a direct bridge into your operational technology environment. The attacker can quietly scan the subnet, discover legacy devices, and move laterally until they find a critical system they can manipulate. As we have seen with the recent alerts from CISA regarding targeted water facilities, the results can be devastating.

True defence in depth for critical infrastructure requires moving away from the illusion of the perimeter. We must protect the individual resources themselves, assuming the network is already hostile. This requires a fundamental shift in three key areas.

A password is not an identity. The fact that nation-state actors are successfully exploiting default passwords on industrial controllers proves that shared credentials and simple passwords are an unacceptable risk. We must cryptographically verify exactly who is requesting access before a connection is ever established.

This means implementing multi-factor authentication universally, even for legacy systems that don’t natively support it. Every operator, contractor, and engineer must be authenticated through a unified identity provider using strong factors, ensuring that a compromised password alone is useless to an attacker.

Once we know exactly who a user is, we must rigorously control what they are allowed to do. Broad network access is the enabler of lateral traversal. If a pump technician only needs to view a specific interface, they should not be granted access to the entire subnet.

Authorisation must be pairwise. This means creating a specific, isolated connection between the verified person and the single resource they are authorised to use. By enforcing fine-grained authorisation at the application layer, we ensure that even if a user’s device is compromised, the blast radius is contained entirely to that single application.

Flat networks are a playground for threat actors. We must isolate critical cyber assets from the public internet and from each other. However, traditional network segmentation using firewalls and virtual local area networks is notoriously complex to manage and prone to configuration errors.

Modern segmentation means eliminating inbound open ports entirely. Your infrastructure should be completely invisible to automated scanners like Shodan. By using outbound-only connections to an identity-aware proxy, we can achieve absolute segmentation. As we detail in our analysis of why traditional VPNs fail compliance standards, removing the attack surface is far more effective than trying to patch it.

The campaign against our water systems is a stark reminder that legacy security models are no longer sufficient. We cannot bolt security onto the outside of our operational technology and hope it holds. We must build it into the very fabric of how users access these systems.

By enforcing strong identity, implementing fine-grained authorisation, and ensuring strict segmentation without inbound ports, we can stop lateral traversal in its tracks and protect our critical infrastructure from the next wave of attacks.

Don’t wait for an incident response warning to upgrade your security. Contact us today. We are the experts in cyber defence for critical infrastructure for water, and we can help you implement a zero trust architecture that fundamentally reduces your risk without disrupting your daily operations.

The post Community Night at GRR Kitchener appeared first on Grand River Rocks Climbing Gym.

The post Rubble Rebels appeared first on Grand River Rocks Climbing Gym.

When: Friday May 1st, 7:00 – 8:15pm

Where: Riverside Park Memorial Gates, 49 King Street West, Cambridge

Walk Leader: Kevin Swayze

More than a century ago, passenger trains ran down King Street in old Preston, as part of the first electric railway in what’s now Waterloo Region.

It’s not hard to find hints of Preston’s deep railway history – and perhaps its future – on a stroll along the Speed River or Eagle and King streets.

Join journalist Kevin Swayze as he shares how Preston was a busy railway hub in Waterloo County 125 years ago, for both people and freight. Trains connected Preston to Galt, Hespeler, and Kitchener.

And he’ll talk about the future of passenger trains planned for Preston, while walking part of the route proposed for light rail transit between Cambridge and Kitchener.

One of the terms used in past reviews and studies concerning dioxins has been that it is a non threshold contaminant. In other words there simply is no safe level of exposure for human beings. Now that is very concerning particularly when one realizes that human beings throughout the world have already accumulated body burdens of dioxins. Amounts mentioned thirty plus years ago were in the 4 to 6  picograms  range per day exposure for Canadians. At the same time that Canada had a guideline maximum of 10 picograms per day per kilogram of body weight, our American cousins had a guideline of only .006 picograms.  Now it is entirely possible if not probable that either concentrations or body burden guidelines have changed since 1994. Personally I have found the silence in the media on the matter to be nearly deafening.

It is also possible that up to date science may very well have decided that the only safe guideline number is zero especially for vulnerable populations. This would include pregnant women, young children and those with compromised immune systems. Regardless it is next to impossible for citizens to either stop or reduce their exposure to these now ubiquitous contaminants. While the simplest expression of the source of dioxins is chlorinated substances being burned the fact is that they are in our food, water and the air we breathe. Yes polluting industries such as pulp and paper  as well as chemical companies are major contributors but there are many more including hospital and municipal incinerators.  

Instead of studying, monitoring and sometimes ignoring them as we have done for the last thirty-six years here in Woolwich Township (Elmira), what is needed is proper removal. It can be done but for profit industries are willing to sacrifice human life in exchange for millions of dollars and our local, regional and provincial politicians are only too willing to accommodate them. Now lets be clear.  No politician will ever admit to this. It's about them finding ways to weasel word their way around the reality. It's about them finding ways to disparage the science, the data and if necessary the scientists themselves. Isn't it ironic that unqualified, sometimes dyslexic, sometimes illiterate and most times mathematically challenged politicians when pressured to stand up for their own constituents will run and hide behind criticism of those far more qualified than they to come to conclusions and make decisions.     

 Jeff Merriman promised us six litres per second of on-site Municipal Aquifer pumping in order to maintain hydraulic containment and stop off-site migration of Uniroyal's groundwater. For a number of years the total from two or three on-site pumping wells was around 5.3 to 5.5 litres per second. Close although not quite there. In November 2012 after Conestoga Rovers admitted that their off-site pump & treat wasn't going to complete the job by 2028, they and Chemtura promised a TRIPLING of the volume of off-site pumping. Oddly no mention was given of increasing on-site pumping at the same time in order to avoid the increased off-site pumping from dragging on-site contaminated water along with it as the groundwater levels were lowered off-site. That in hindsight should have been our first indication that we were being lied to yet again.

Since about 2017 the on-site municipal aquifer pumping  has been slowly dropping until it's at about 3.3 to 3.6 litres per second. As serious as that is, the problem is only exacerbated as the off-site pumping has indeed been increased. Now that increase certainly never achieved  even a DOUBLING much less a TRIPLING of the off-site volumes from 2012 (around 53 l/sec) as promised.  It did increase however to often achieve 65 l/sec and occasionally as high as 70 or 71 l/sec. This has been going on for years now with nobody including TRAC so much as raising questions directly about increasing off-site pumping while lowering on-site pumping.  This practice we were advised for years while on CPAC absolutely would cause the Uniroyal site to lose hydraulic containment and further increase off-site contamination. 

There has never been an iron clad test to prove to citizens that hydraulic containment was being kept. Promises and assurances from proven liars that groundwater levels here and there "prove" containment aren't worth the paper they are or aren't written on. More, louder and shriller exhortations of integrity and honesty from Lanxess Canada and or the MECP also mean less than nothing. They and their predecessors have never stopped lying to us.  

♦

Restaurants that feature enormous cylinders of spit-roasted chicken, beef and lamb, some weighing close to 40 kgs, are popular across our dining landscape: I don’t know anyone who doesn’t like some sort of roasted meat shaved from a rotating vertical skewer that cooks and bastes the protein simultaneously.

And how could one not? It’s hot, tender seasoned meat with a few crispy bits wrapped in a warm envelope of bread as a shawarma, gyros or al pastor with a host of garlicky sauces, hummus and vegetables — and a favourite of mine, pickled pink turnip.

Turkish Anatolia in Orleans does a pretty good job of putting together a platter-for-two of said cooked chicken and beef in doner style that arrives at your table — I love hearing the sound of the knife slicing the meat — served on a bed of extremely tasty rice and a satisfying sort of bulgur “pilaf.”

Both meats were perfectly cooked — some tenderness and just the right amount of fattiness alongside those few crispy bits — and the portion of the platter just enough to pack up and take home for lunch the next day.

Ezme (“mashed”) tomato spread/condiment/salad is laced with some sort of red pepper paste and is quite delicious: the presentation, though simple, is beautifully done; one can appreciate the few extra moments of time it took to present it, even in a simple and humble dining room in a commonplace strip plaza.

Yogurt-based minty cacik is garnished with herbs and with the ezme is terrific slathered on the fresh, hot pita-like bread.

A couple of dips accompanied the platter and basket of bread and both were quite good and very garlicky (but a bit too much for my liking). I slurped a bottle of “Legendary” Uludag gazoz, a citrusy Turkish soda pop, perhaps akin to Sprite. The name pays homage to the “great mountain” Uludag in northwest Turkiye.

The restaurant’s specialty is dishes served with a Turkish inflection but there is also a Pakistani menu available. I can say that a distinguishing aspect was the friendliness and attentiveness of the staff, I’m guessing the owners.

A final gesture of hospitality, served in quaint perhaps traditional little vessels, were cups of tea. It appears that with some meals, the gesture is a complimentary and appreciated one.

There’s not much information available on either their website or their Facebook page, so you’ll have to fly solo when you visit Turkish Anatolia.

One thing that struck me, however: next door to the Anatolia was a juice place and sub joint — both of which seemed to generate more traffic than those looking for legit kebabs and doners. That’s a shame.

Check out my latest post Turkish Anatolia Orleans from AndrewCoppolino.com.

♦

♦YEP Socials Spring Session
Cheese Rollups – Tuesday, March 24
6:00 PM – 8:00 PM
Trip to the Movie Theatre – Friday, April 24
9:00 AM – 4:00 PM
KW Habilitation – 99 Ottawa St. S, Kitchener

Youth Exploring Possibilities Spring Session of YEP Socials is great for anyone 13 to 25 years old looking to do some fun activities with a group. Spend evenings and PD days doing baking, art, swimming or going to the movies. This Tuesday, March 24th, spend time with friends and bake some tasty apple cinnamon flavored cream cheese roll ups. Look forward to your next PD day on Friday, April 24 where you will go to the movie theatres to see the new Super Mario Galaxy Movie. Sign up today to secure your spot!

Click here for more info

♦♦ ♦

♦Jays Home Opener
Friday, March 27
7:00 PM – 11:00 PM
FREE
The Gaslight District – 64 Grand Ave. S, Cambridge

The Toronto Blue Jays are back! Experience all the action of the Home Opener Game, live on The Big Screen! Grab your crew, throw on your Jays gear, and come cheer them on with Jays fans alike. Bring your lawn chairs, some snacks or you can grab game grub from the many restaurants in the district. Experience that feeling of a fandom community you get in the stadiums, right here in town.

Click here for more info

♦Spring Craft Market
Saturday, March 28
10:00 AM – 2:00 PM
FREE Admission
Sunnyside Public School – 1042 Weber St. E, Kitchener

Get into the Spring Season with this fabulous Spring Craft Market. Featuring over 40 vendors throughout the schools Gymnasium and Library, there will be plenty unique and handmade items to browse through. This is the second annual Craft Market which helps with fundraising for the Sunnyside Public School which serves students in grades 7 and 8.

Click here for more info

♦Intro to Audio Production Software
Saturday, March 28
10:00 AM – 11:30 AM
FREE – Registration Required
Central Library – 85 Queen St. N, Kitchener

Thinking about trying out the recording studios, but not sure where to start? Join us for a beginner-friendly session where we’ll show you how to book studio time, set up microphones and gear, and apply basic recording techniques for music, voice, or podcasts. You’ll also get practice time in the studio to explore and experiment.

Click here for more info

♦

♦Queen Street Commons Café
43 Queen Street South, Kitchener

Monday to Wednesday: 8:30 AM to 6:00 PM
Thursday and Friday : 8:30 AM to 8:00 PM
Saturday: 9:00 AM to 4:00 PM
Sunday: CLOSED

First opened in 2006, The Queen Street Commons Café has a long history of being an affordable and inclusive meeting place, where people from all walks-of-life gather in common. The café is a not-for-profit project run by The Working Centre and reopened on March 13, 2026 after a brief hiatus due to the pandemic. At a time when public spaces are diminishing, and our feelings of isolation and loneliness are growing, the Commons is needed more than ever. They invite people from all elements of life into the space to find new friendships, create micro-communities, and partnerships.

Volunteers help to make this Café possible. They have kept the prices as affordable as possible to ensure everyone can access delicious vegetarian home-style meals, snacks, desserts, and fresh-roasted coffee. Simple and from the heart. It is the people that make this place come alive. Check out the Queen Street Commons Cafe in Downtown Kitchener today!

Click here for more info

The post March 18, 2026: What’s Happening in Your Neighbourhood? appeared first on KW Habilitation.

In this episode of The Cordial Catholic, I'm joined for an absolutely astounding conversation with Dr. Jennifer Bryson, a scholar, a military analyst and lecturer, a former Guantanamo Bay interrogator, and a Catholic convert to talk about the incredible life she's lived – and her amazing conversion to Catholicism!

This episode is absolutely packed. Dr. Byrson begins talking a bit about the work she is currently doing translating the writing of Ida Gorres for Ignatius Press and then launches into the amazing story of her Catholic conversion – from inside Communist East Germany! – and up to her work today in peacemaking, ethics, and freedom of religion. 

What an amazing story.

For more from Dr. Bryson visit her website. And check out her books from Ignatius Press.

Send your feedback to cordialcatholic@gmail.com.

Sign up for our newsletter for my reflections on  episodes, behind-the-scenes content, and exclusive contests.

To watch this and other episodes please visit (and subscribe to!) our YouTube channel.

Please consider financially supporting this show!

For more information visit the Patreon page.  All patrons receive access to exclusive content and if you can give $5/mo or more you'll also be entered into monthly draws for fantastic books hand-picked by me.

If you'd like to give a one-time donation to The Cordial Catholic, you can visit the PayPal page.

Thank you to those already supporting the show!

Theme Music: "Splendor (Intro)" by Former Ruins. Learn more at formerruins.com or listen on Spotify, Apple Music,

A very special thanks to our Patreon co-producers who make this show possible: Amanda, Elli and Tom, Fr. Larry, Gina, Heather, James, Jorg, Michelle, Noah, Robert, Shelby, Susanne and Victor, and William.

Listen on: Apple Podcasts   Spotify

Support the show

Find and follow The Cordial Catholic on social media:

Instagram: @cordialcatholic
Twitter: @cordialcatholic
YouTube: /thecordialcatholic
Facebook: The Cordial Catholic
TikTok: @cordialcatholic

Definitely Thriving follows the life of Clemence, a woman whose life is a bit of a mess after she sabotages her own marriage. She returns home to the Roncesvalles neighbourhood in Toronto with plans to find a new life with more substance and without interruptions from romance and other such nonsense. 

With a quirky array of well-drawn secondary characters, a wonderfully flawed main female character in Clemence and an unexpected love interest, readers will enjoy following Clemence’s as she figures out who she is without society (or her family) telling her who she SHOULD be. I’ll admit that I had hoped for a different couple, but the pair who made it in the end was a wonderful surprise.

Peppered with humour and well-turned phrases that made me smile, this is a an Eat Pray Love kind of story … well, except for the love part (and add in a grumpy landlady). What it does have is charm and a relatable character who finds joy in the imperfect and allows herself time to pause, to stumble and make mistakes yet finds herself thriving despite not having it all figured out yet. 

Final Thoughts: quirky, delightfully awkward and endearing

The time between a vulnerability being detected to exploited has been declining. This web site zerodayclock.com has a great graph, below. It shows that in 2018 you had 2.5 years from detection to get a fix deployed. This worked its way through your supply chain and you updated. Think of a ‘log4j‘ type vulnerability, its a library inside a component inside a larger component inside a product you buy. The ‘gear lash’ speed takes a bit of time, but eventually you get it.

Fast forward to 2025. You had a month. Ouch. The schedule crunch on you, the deployer, was harsh. Maybe the first vendor took 20 days, the second took 5 days, the third 3 days. You have 1 day.

Now. poof. Its 2026. 8 hours. The magic AI means even if you became aware instantly, the sheer build-time of the steps can’t get there. Continuous Deployment + Dependabot can’t save you, and those are modern cloud-native.

You need a fallback strategy. Defence In Depth. You need to plan for each layer being exploited, rather than solely relying on a single unexploitable perimeter.

The engineer in me wonders if this can go anti-causal, if it will go below zero. The short answer is, nearly certainly it already has. The attacker doesn’t disclose the CVE, they just find and use. I talked about this in “AI-Powered Cyber Threats: Protecting Your Critical Infrastructure“. The philosopher in me wonders… is this how it all ends?

The global trade landscape is shifting rapidly, creating uncertainty and challenges for workers, industries and communities across Canada. In a rapidly changing world, we are focusing on what we can control: building a stronger more resilient Canada. This calls for decisive action from governments at all levels to protect jobs, strengthen local economies, and ensure workers can adapt to changing economic realities.

Workers whose jobs have been directly or indirectly impacted by global tariffs will receive support to help them adapt, retrain, and succeed, through a joint tariff-response initiative announced today by the Honourable Patty Hajdu, Minister of Jobs and Families and Minister responsible for the Federal Economic Development Agency for Northern Ontario, and the Honourable David Piccini, Ontario’s Minister of Labour, Immigration, Training and Skills Development.

Specifically, the Canada–Ontario Workforce Tariff Response will deliver $228.8 million over three years, through the Canada–Ontario Labour Market Development Agreement (LMDA), to support workers in the softwood lumber, steel and automotive sectors, as well as other directly and indirectly tariff-affected industries. This new funding will help approximately 27,000 workers in Ontario build new skills and seize emerging opportunities.

Canada–Ontario Workforce Tariff Response supports will be delivered through Ontario’s established network of training programs and employment services, as well as through Skills Advance Ontario (SAO), a tariff‑response initiative designed for employers, workers, and jobseekers, including: unemployed workers seeking to gain new skills for in-demand jobs, workers whose employers are participating in Work-Sharing agreements, so that they may upskill or retrain as these industries adapt; and employed workers seeking new skills to improve their resiliency within companies directly affected by tariffs and global market shifts or their supply chains, or within communities that rely heavily on those companies, such as single-industry communities.

These funds will help workers stay employed, upgrade their skills or retrain as industries adapt. It will also help Ontario employers retain experienced staff during periods of economic uncertainty. In addition, they will also support workforce development in high‑potential sectors such as health care, skilled trades, clean energy and natural resources.

Implementation of the Canada–Ontario Workforce Tariff Response will leverage both existing and new or enhanced mechanisms and will benefit from the input of labour and business representatives. Coordinating directly with impacted businesses to protect jobs will give tariff‑affected workers and those in Work‑Sharing agreements improved opportunities for upskilling or retraining, in a changing economic landscape.

This transformative new approach reflects a shared commitment by the governments of Canada and Ontario to support Canadians through a period of significant economic adjustment, while building a strong, confident workforce—one where workers can navigate global uncertainty and industries can remain competitive in the global marketplace.

Source: Canada.ca 

The post Government of Canada Announces $228M Fund for Ontario Businesses appeared first on Greater KW Chamber of Commerce.

How Smart Cybersecurity Helps Protect Hybrid Workplaces

In the past few years, an increasing number of workplaces have been adopting a hybrid model for their employees, allowing them to split their working hours between the company’s office and their home. Hybrid work has changed how we collaborate and significantly benefited flexibility. However, with more devices and networks coming into play, the door is open for more cyber risks, both in type and frequency.

So, as hybrid work arrangements continue to increase, strengthening cybersecurity is becoming even more of a priority for employers. Here are some of the key details on how to stay protected in a hybrid workplace.

With employees moving between their home and the office, companies must be prepared for a wider range of digital risks. Here are some practical steps every hybrid workplace can take to stay protected.

When working from home, it’s important to keep your devices secure. Companies should ensure that all work laptops and equipment are updated with essential protections. The following are common options for this:

• Firewalls
• Antivirus protection
• Anti-malware software
• Data encryption tools

Employees should also avoid using removable media, such as USBs, wherever possible. This is because removable media can introduce another element of exposure to malware and viruses, among other risks.

When logging into company accounts for work, multi-factor authentication (MFA) requires you to verify your identity a second time after entering your password. In most cases, this involves entering a verification code from an authenticator app or a text message sent to your mobile device.

MFA makes it more difficult for potential attackers to access your accounts. As such, it provides strong protection against common threats, such as phishing.

Although MFA adds more security to your accounts, everyone should still practice good password security. First, this means using strong passwords that contain a mix of both lowercase and uppercase letters, special characters, and numbers.

Changing passwords regularly for accounts such as main computer logins, emails, SEO tools, and platforms storing client data, is also a key component of password security. Many suggest changing passwords every 90 days or immediately if one is suspected to be compromised.

With hybrid workers accessing sensitive company data while they’re at home, network protection is even more crucial. A virtual private network (VPN) allows remote workers to securely connect to the same server they use in the office.

VPNs mask a user’s IP address, hide their location, and encrypt data in transit. All of these help support secure remote access. Companies using VPNs should also confirm their system can handle the number of hybrid workers who rely on it.

Cybersecurity training works best when it’s woven into regular workplace learning. Ongoing training helps individuals feel more confident spotting things like phishing emails, unusual login attempts, or suspicious links. And when employees understand why certain practices matter, such as using strong passwords or locking their devices when stepping away, they’re much more likely to build and maintain those habits.

Cybersecurity isn’t truly complete without the addition of cyber insurance. Also referred to as cyber liability insurance, it’s a type of insurance designed specifically to help organizations manage the financial and reputational risks associated with cyber incidents and data breaches.

When it comes to cyber insurance, the specific coverage varies depending on the policy. However, here are some of the typical elements people will see in cyber insurance coverage:

• Data Breach Response
• Data Restoration and Recovery
• Legal and Regulatory Support
• Business Interruption
• Cyber Extortion and Ransomware
• Third-Party Liability
• Networking Security Liability
• Public Relations and Reputation Management
• Multimedia Liability
• Employee Training and Risk Management

Hybrid work means employees connect to company systems from the office, home, and even public networks. Each connection creates a new potential entry point for a cyber attack. Strong cybersecurity, such as MFA and VPNs, significantly reduce this risk.

However, no security measure is foolproof, which is where cyber insurance comes in. It helps organizations manage the financial impacts of a cyber attack, giving them the time and support needed to recover.

Cyber insurance is meant to complement, not replace, strong cybersecurity. In fact, many policies require businesses to maintain certain protections, such as MFA, to ensure a valid claim.

Even though cyber risks are growing for hybrid workplaces, the tools and strategies available for protecting sensitive data are as well. By leveraging these tools, from strong passwords and multi-factor authentication to promoting ongoing education, organizations can confidently navigate a hybrid work environment while ensuring their systems, data, and employees remain protected. Cyber insurance is an ideal complement to these cybersecurity measures, increasing the resiliency of a hybrid workplace.

At Cowan Insurance Group, we help clients build cyber insurance policies tailored to their risk profile. Speak with one of our experts today to get started.

The post Cowan: How Smart Cybersecurity Helps Protect Hybrid Workplaces appeared first on Greater KW Chamber of Commerce.

On March 5, 2026, the North American Electric Reliability Corporation took a decisive step forward in securing critical infrastructure by passing the final ballot for the latest revision to its internal network security monitoring standard. The new standard, known as NERC CIP 015-2, fundamentally changes how utilities must view and monitor the perimeter of their operational technology networks. Instead of focusing solely on the internal environment of the electronic security perimeter, the mandate now expands to encompass external systems that control and monitor access.

This regulatory update directly addresses a glaring security gap that threat actors have increasingly exploited. By treating systems outside the core network—such as electronic access control or monitoring systems, physical access control systems, and shared cyber infrastructure—as trusted entities, organisations unknowingly provided adversaries with a perfect disguise. If an attacker compromises a trusted remote access server or an authentication gateway, their lateral movement into the protected operational environment appears as entirely legitimate traffic. They effectively bypass the internal monitoring altogether.

The core issue that the Federal Energy Regulatory Commission recognised is that you cannot secure an electronic security perimeter if you are blind to the activity occurring on the systems that connect to it. Traditional network architectures often rely on implicit trust. Once a user or a device authenticates at the boundary, they are granted broad access to internal resources. This model creates a massive vulnerability.

Adversaries know that directly attacking a heavily defended operational technology network is difficult. Instead, they target the softer exterior: the systems designed to manage access. This might include an unpatched jump host, a vulnerable authentication server, or a compromised physical access control system. Once inside these systems, attackers establish persistence, steal credentials, and map the network. Because the compromised system is already trusted by the core network, the attacker can move laterally with impunity.

For utilities and other entities managing critical infrastructure, the expansion of the monitoring requirements means a significant re-evaluation of their security posture. Compliance will no longer be achieved simply by monitoring the traffic within the electronic security perimeter. Organisations must now deploy deep visibility, logging, and monitoring across all systems that facilitate access.

This presents several operational challenges:

• Redefining the monitored environment to include all external access systems
• Managing the massive increase in network telemetry and log data
• Distinguishing between legitimate administrative access and sophisticated lateral movement
• Securing the shared cyber infrastructure that hosts these access systems

However, simply adding more monitoring tools to a fundamentally flawed, inherently trusted network architecture is an exercise in diminishing returns. It creates more noise without solving the root problem: the existence of broad, implicitly trusted connections.

Rather than trying to bolt additional monitoring onto legacy remote access systems, the most effective way to address the requirements of the expanded standard is to eliminate the trusted pivot point entirely. This is achieved by adopting a zero trust architecture.

In a zero trust model, no user, device, or system is inherently trusted, regardless of their location or prior authentication. Every single request for access must be continuously verified. This approach directly neutralises the threat of a compromised access control system being used to move laterally into the operational technology environment.

When you implement an identity-first, zero trust strategy, you are not just monitoring access; you are precisely controlling it. The need to desperately monitor for anomalous lateral movement is drastically reduced because lateral movement itself is made mathematically impossible.

The Agilicus AnyX platform is designed specifically to secure critical infrastructure and operational technology without relying on implicit trust or complex network perimeters. By deploying our platform, organisations naturally achieve the visibility and control required by the updated reliability standards.

Here is how our approach aligns with the new requirements:

• Identity-native access: Access is granted on a per-user, per-resource basis. We integrate seamlessly with your existing single sign-on providers to ensure that only authenticated and authorised individuals can reach specific assets.
• Continuous verification: Every interaction is verified. We enforce strong multi-factor authentication, ensuring that stolen credentials alone are useless to an attacker.
• No inbound ports: Our platform uses an outbound-only connection model. Your critical systems are completely hidden from the public internet, eliminating the attack surface that adversaries typically scan and exploit.
• Granular audit trails: Because we broker every connection at the application layer, we provide a comprehensive, identity-aware audit log of exactly who accessed what, and when. This provides the exact evidentiary data that auditors require for compliance.

By replacing legacy jump hosts and broad network connections with precise, identity-aware access controls, you remove the vulnerable external systems that the new standard aims to monitor. The Agilicus platform acts as an uncompromisable, perfectly monitored electronic access control system.

The passage of the final ballot for this standard revision is a clear indicator of where the industry is heading. Regulators and security professionals recognise that the perimeter is no longer a static line; it is anywhere access occurs. Attempting to secure this dynamic environment with traditional network monitoring is no longer sufficient.

The expansion of monitoring requirements should be viewed as an opportunity to modernise your entire approach to remote access. By moving away from implicit trust and embracing an identity-first access platform, you not only achieve regulatory compliance but also fundamentally harden your operational infrastructure against the most sophisticated cyber threats.

Are you ready to secure your external access systems and meet the new monitoring mandates? Contact us today to learn how our zero trust platform can simplify your compliance efforts while providing frictionless, secure access for your workforce.

Moonshadow Events is a high-concept community-building organization dedicated to fostering entrepreneurship for “alternative” artisans and diverse creators. From live music experiences to our renowned “creepy” themed markets, we specialize in radical inclusion and whimsical storytelling. We prioritize local art and music creators and maintain strict organizational policies regarding cultural property and ethical vending.

• Status: Volunteer / Part-Time (Eligible for secondary/post-secondary/OW/ODSP community service hours).
• Growth Path: This is a core leadership role with a clear pathway to a paid position as we hit upcoming funding milestones.
• The Experience: As a member of our team, you won’t just manage the “books,” you’ll have the opportunity to join us on floor operations to watch our colorful, inclusive work unfold firsthand!
• Website: www.moonshadowevents.com

OVERVIEW

Manage all financial operations to ensure Moonshadow Events can continue supporting underrated art forms. You will provide the fiscal transparency required by our funding partners and oversee our books, organize receipts, assist with event budgeting, and attend board meetings periodically.

• Reporting: Generate monthly financial statements and budget-to-actual reports.
• CRA Compliance: Manage annual T2 and T1044 filings; oversee Public Service Bodies’ (PSB) rebate applications to maximize our community budget.
• Payroll: Execute all payroll functions (stipends, contractor payments).
• Record Keeping: Digital filing and reconciliation of all financial transactions for various events (Summer and Shade Market, National Archaeology Day, etc.).
• Vendor Integrity: Ensure all contractor payouts and vendor fees align with Moonshadow’s internal ethics and cultural property policies.

• Education: Bachelor’s degree in Accounting or Finance (preferred); upper-year or post-graduate students are welcome to apply.
• Experience: Proven track record in bookkeeping or corporate finance. Familiarity with the Ontario Not-for-Profit Corporations Act (ONCA) is a major asset.
• Designation: Ontario CPA preferred (or currently pursuing a CPA charter).
• Communication: Ability to translate complex numbers into clear insights for the board.
• Bonus: Experience with non-profit fund accounting (tracking restricted grant funds vs. general revenue).

THE FINE PRINT We prioritize internal talent. As Moonshadow Events reaches specific funding milestones, there is a clear pathway for this volunteer role to transition into a paid management position.

The post Moonshadow Events appeared first on Capacity Canada.

Frankly I am impressed. I have very good reason to be angry with the Waterloo Region Record (aka K-W Record) but geez it is difficult to stay mad at the twits when they are currently so fulfilling their mandate of keeping the public informed on serious issues. Take note of that Woolwich Township. Decades of bias towards filthy polluters may never be forgotten but it could be mitigated possibly even to the point of forgiveness. Of course that requires some immediate, heartfelt changes in both attitude and behaviour on your part. 

It appears as if the Record along with others are embracing the over pumping of our groundwater as fact not possibility. The Record once again in today's article titled "52 billion litres of water too much, and not enough" goes through the litany of errors and miscalculations of water supply and demand by the Region's water staff.  It is almost to the point of slapstick comedy if it weren't so serious. Yes both developers and home builders' groups are still on the bandwagon of it's not really a case of too much growth or of water supply. They are all too willing to throw both regional staff and councillors under the bus in calling the crisis a "management issue". 

Personally I can embrace both the idea of a finite water supply as well as to a certain extent management issues.  The particular "management issues" that I find so offensive are the lying and blatant disinformation over a period of decades. Items such as the Inter Urban System (IUS) supposedly allowing water from anywhere in the Region to flow wherever it is needed has turned out to be nonsense. Allegedly that is, because I can no longer trust that the Region are telling us the truth. Also the fact that they have lied to Wilmot Township for years as they've been taking their water surreptitiously for use in the cities while the water table has dropped significantly in parts of Wilmot.

I still would like to see both past and current groundwater elevation data from throughout the various moraines and aquifers to confirm that the Region have been inappropriately  "mining" those aquifers and significantly lowering the water levels.   

Or put differently was there ever a time when anybody in authority seriously believed that they had a viable plan to restore the Elmira aquifers to drinking water standards? By those in authority I'm referring to the Min. of Environment (MOE/MECP), the four companies listed above, Waterloo Region or Woolwich Township. These are not idle or spurious questions. Hindsight being 20/20 gives one an entirely different flavour and view of what has gone on. Certainly over the intervening decades there have been significant changes in the surface water of the Canagagigue Creek, the air over Uniroyal/Lanxess and the groundwater beneath the town.

At one time decades ago the Ontario Ministry of Environment was derided as the Ministry of Lumps and Colours in reference to surface waters in the province. In other words the Ministry were satisfied the moment rivers and streams stopped routinely being discoloured by industry  discharges and even solids and sludges being dumped into them. Yes the Canagagigue has far fewer solvents and dissolved toxins in them than they used to have courtesy of Uniroyal Chemical. Unfortunately there has been an extremely limited reduction in Persistent Organic Pollutants with the likes of DDT and dioxins topping the list. These are present whether as suspended sediments (as Dr. Dick Jackson thundered repeatedly) or even as low concentration dissolved contaminants in the water.

The bad old days even as recently as 1998 to 2000 when air discharges sent the "Duke St. rowdies" out of town in the middle of the night seeking refuge  hopefully are done forever.  To many including myself these air discharges simply reinforced our belief that the company (Crompton) were long on talk and awfully slow on action including spending money and time to remove the biggest and baddest air discharges.

It would appear that both the concentrations of contaminants as well as the volume of the various plumes underneath Elmira have been reduced. To what effect however? If the two most obvious targets, NDMA and chlorobenzene still aren't at drinking water standards do you think any of the dozens to hundreds of others are? 

If one has ready access to the on and off-site pumping records as I do then it is obvious that years ago the various polluting companies began cutting back on their pumping and treating volumes just when  they most needed to increase them and when they had publicly promised to do so. They did no such thing nor did they even seriously try to. It was all a scam simply buying time and wasting time as they and their consultants talked and bamboozled both lay citizens and even educated, credentialed members of RAC, TAG and TRAC into deferential submission. The last gasp chance to turn the ship around died in 2015 under the pathetic and woefully uninformed guidance of Sandy Shantz at the Woolwich Township helm. Frankly success was already in huge jeopardy but her embrace of all pleas and lamentations from Chemtura and the Min. of Environment sealed the deal. Lots more talk and lots more hot air but it's all been window dressing and less. 

• What: Day of Action for Public Health Care ♦
• When: 1:00pm on Monday 16 March 2026
• Where: Outside the Hon. Bardish Chagger’s office
• Location: 100 Regina Street, Waterloo, Ontario Map
• Online: waterloohealthcoalition.org/quality-of-health-care/march-16-day-of-action-for-public-health-care/
• Contact: waterlooregionhealthcoalition@gmail.com
• Phone: Jim Stewart +1‑519‑588‑5841

DAY OF ACTION

Dear Public Health Care defenders:

On Monday, 16 March 2026, people across Canada will rally outside the offices of their local Liberal Members of Parliament. The nationwide Day of Action warns public health care for all in Canada is under unprecedented threat and calls on the federal government to enforce the Canada Health Act. Health Coalitions have invited the Liberal MPs to join the event, speak to participants, support the fightback against privatization, and commit to bring this issue back to their caucus in Ottawa as a priority. The rally is outside the office of the Hon. Bardish Chagger, Liberal MP.

1:00pm on Monday, 16 March 2026 at 100 Regina Street, Waterloo, Ontario

Who: Jim Stewart, Chair, Waterloo Region Health Coalition

Invited Speakers:

• Bardish Chagger MP
• Tim Louis MP
• Aislinn Clancy MPP
• Catherine Fife MPP

Bring highly visible banners and signs!

Alberta’s Danielle Smith government has launched an unprecedented frontal assault on the Canada Health Act to end single tier Public Medicare & bring in U.S. private health care. The law brings in private for-profit health insurance, direct billing of patients, queue jumping for those who can afford it pushing everyone else back in line, workplace private health insurance plans and more. It is not “like” U.S. style health care. It is U.S. private health care, and for-profit health care interests are lined up to cash in.

Closer to home, Ontario’s Premier Doug Ford is privatizing public hospitals and is allowing private clinics to charge patients thousands for needed care. By the government’s own numbers, their latest set of private clinics (some of which are essentially hospitals, a number of which are chain owned) aim to redirect 1.2 million patients away from public hospitals. While the government is giving hundreds of millions more to private clinics, it has pushed the majority of public hospitals into deficit in a direct transfer of public resources. Patients are already being charged more than $4,000 per eye in the private cataract surgery clinics that Ford brought in, in violation of our medicare protection laws.

The Health Coalitions are calling on the federal government to:

• Tell Alberta’s Danielle Smith government that its health care privatization scheme contravenes the Canada Health Act and they will face a dollar-for-dollar clawback of federal health care funding if they proceed.
• Require that Ontario stop private clinics from charging patients for medically needed care. The Canada Health Act prohibits user fees and extra-billing of patients, including direct and indirect charges. Thus, no private clinic can require payment for medically unnecessary things (such as extra lenses that do not have anything to do with cataracts) in order to get the medically needed service (such as cataract surgery). Selling queue-jumping for those who have the thousands of dollars available to pay contravenes the requirement that all Canadians have access to health care based on medical need not wealth.
• Ensure that the carve-out of public health care in Canada under trade agreements will protect the rest of the country if Alberta contravenes the Act. Right now, we all risk losing public health care to U.S.for-profit insurance corporations if Alberta persists.

For more information: Jim Stewart +1‑519‑588‑5841 or waterlooregionhealthcoalition@gmail.com

♦

♦

(Image is of Freya and Skadi, both sitting on the landing of the stairs in the new house, looking up expectantly at me as I head down to feed them)

Apologies for missing last month’s update. I got slammed with what felt like everything all at once—including selling our old house. In theory, once the offer is accepted, that’s supposed to be straightforward and it mostly was. I just ended up having to gently explain how some pieces of the documents we provided worked (the advantage of having been an accountant and worked in the condo business!)

I did manage to get the French translations moving and out into the wild. Unfortunately, my translated-by-an-actual-person books appear to have arrived alongside Amazon rolling out a native AI translate in KDP, so Vivian Faure’s excellent work is being lost amongst what I fear is a deluge of slop.

So, uh, please tell your French-reading friends about the books!

Currently I am 75,000 words into Alien Olympus (Starship’s Mage 19 / Mars Unconquered 1) and have realized that I’m only about halfway through the outline. I have written 150,000 word novels before, but I know that they suffer for it. Plus, I have two weeks to finish the book and I’d rather not write 70,000 words in two weeks!

The outline for Alien Olympus is getting split into two books. Thankfully, there is a reasonable break point I can expand to be a novel ender, clearly leading into book 20, tentatively entitled Project Acropolis.

(This probably means that Starship’s Mage is going to wrap up at least a book later than I had planned. If Mars Unconquered runs five books, then… I think that will bring us to book 23?!)

Overall, the release schedule as fixed for this year is:

March 26 – Broken Prince (House Adamant 5)

April 16 – Le Serment du Chasseur (Sang du Changelin 2)

May 21 – Spirit Blade (Spirit Knight 1 – this is the new urban fantasy)

June 18 – l’Honneur du Noble (Sang du Changelin 3)

July 23 – Alien Olympus (Starship’s Mage 19 / Mars Unconquered 1)

September – Flesh and Steel (working title) Saints of the Void 2

November – Wild Star (working title) (House Adamant 6)

My next project up is the third Aether Spheres book, so once I finish Alien Olympus I’m going to be spending a day or two just reading and refreshing myself on that trilogy. Hopefully, everything will be in place for the last Kickstarter this fall.

The goal keeps being to calm my life down so I can both write the books and have space to breathe, but there always seems to be something!

Keep an eye on this space for Broken Prince ARCs in the next week or so.

Happy reading everyone!

-Glynn Stewart

The post State of the Author, March 2026 appeared first on Glynn Stewart.

python parser for human readable dates

Python 2.8k Updated Mar 19

Overall Luisa D'Amato seems pleased with the direction that the Region are taking by hiring an outside consulting firm.  While she does state that "This is a good start." she has a number of suggestions to make it even better. That said what I noticed was her very first sentence in which she suggested  "Finally we may get some answers to the question of why the water supply crisis we are in was allowed to happen, and how the news came as such a complete shock." Hence I was a little taken aback to read that the final report is due within a year. A year !  I'm sorry but that for me does not jive with "Finally we may get some answers...". Citizens deserved honest and confirmed answers a couple of months ago not hypothetically a year down the line. Is this simply more bureaucratic and political gamesmanship to delay and deflect our attention?

Ms. D'Amato raises good points and suggestions. She would like to know why both the Mannheim treatment plant for Grand River water and the Greenbrook pumping station are still in disrepair. Why weren't both of them repaired promptly? Somewhat oddly to me she hasn't repeated her comments about the possible rehabilitation of the Parkway Wellfield or the Woolwner/Pompeii wells along the Grand River . Could she herself have signed some sort of NDA (Non Disclosure Agreement) with the Region? Perish the thought! She is a professional reporter.

Ms. D'Amato also advises that here in Ontario we had a public inquiry after the following major public system failures namely the Walkerton water crisis, the light rail debacle in Ottawa and the fatal mall collapse in Elliot Lake. Oddly enough somehow the 1989 Elmira Water Crisis with its' now failed remediation never was subject to a public inquiry. That was ridiculous then and even more so now when we realize how much more desperately Elmira's water is needed.

Golf, food, prizes, and community spirit – our much-anticipated Annual Golf Tournament is back! Join us on June 12, 2026, at Rebel Creek Golf Club for a day on the course in support of our mission to create welcoming, inclusive spaces where everyone belongs.

Whether you’re a seasoned golfer or just out for a fun day with friends or colleagues, this tournament promises something for everyone, all while supporting a cause that makes a real difference in our community.

Proceeds from the tournament will directly support our second Affordable Housing Project, helping create safe, stable homes for people in our community who need them most.

From the moment you arrive, you’ll be greeted with great energy and a day full of highlights:

♦ 18 Holes of Golf & Cart
Your registration includes a full round of golf with a cart, the perfect opportunity to enjoy a beautiful course and some friendly competition. 

♦ Prizes, Surprises & Fun
There are fun challenges, giveaways, and prizes to be won.

♦ A Fresh Twist on Post-Golf Dining
We’ve made an exciting update to our end-of-day gathering!

Instead of a traditional sit-down dinner, golfers will now enjoy a lively and social appetizer-style reception as part of the tournament experience. This new format allows everyone to mingle, chat over delicious bites, and keep the energy high after a fantastic day on the course.

Expect a multitude of gourmet appetizers, thoughtfully prepared to satisfy every palate, without the formality of assigned seating. There will be plenty of options that every golfer will enjoy.

Date: Friday, June 12, 2026
Location: Rebel Creek Golf Club

Registration Includes:
♦ 18 holes of golf
♦ Cart rental
♦ Lunch
♦ On-course refreshments & light bites
♦ Light dinner
♦ Prizes & surprises!

Every swing, every snack, and every smile at this event supports inclusive community programming through KW Habilitation. Whether you’re registering as a golfer or becoming a sponsor, your participation directly fuels our vision of a community where everyone can belong, on and off the course.

Early bird registration is available now! Save $25 on your ticket by signing up before April 15th!

Reserve your spot or secure your sponsorship today ♦ kwhab.ca/golf/

See you on the course! ♦

The post Join us for our 2026 Golf Tournament! appeared first on KW Habilitation.

The post Pebbles appeared first on Grand River Rocks Climbing Gym.

The clock is ticking. On April 1, 2026, NERC CIP-003-9 becomes enforceable, bringing stringent new requirements for how low-impact bulk electrical systems implement vendor electronic remote access security controls.

If your organisation is still relying on a VPN for vendor access, you are staring down a massive compliance liability. VPNs are no longer the industry standard or best practice for remote connectivity. They are a vulnerability.

Consider the Colonial Pipeline breach. A single compromised VPN connection brought down 45 per cent of the U.S. East Coast’s refined oil supply across a 5,500-mile network. The result? A 75-bitcoin ransom, 100 gigabytes of stolen data, and a catastrophic six-day shutdown.

Giving a third-party vendor network-level VPN access just to service a single HMI or PLC is like giving a locksmith the keys to the entire city just to fix one door. It is an unacceptable risk, and the new regulatory constraints are designed to eliminate it.

Section 6 of the new standard demands granular control, specific ‘time-of-need’ access, and immutable audit trails that prove exactly who did what. Using the blueprint provided in Attachment 2 of the CIP-003-9 document, compliance requires:

• Pre-authorised access: Tied to individual user levels, explicitly eliminating the use of shared credentials.
• Time-of-need session initiation: Access that exists only when work is actively required and approved.
• Granular audit trails: Detailed session logging retained for a minimum of three years.
• Security information management: Active logging and alerts for remote sessions.
• Instant disablement: The ability to immediately revoke vendor remote access at the individual user level.

Legacy remote access tools—VPNs, remote desktop, jumpboxes, and VNC—are fundamentally unequipped for these constraints.

They cannot easily pre-authorise access at the individual user level. They fail to provide complete, immutable audit trails. Most damningly, they often rely on shared credentials, making it impossible to confidently disable a single user without disrupting the entire vendor team.

Meeting NERC CIP-003-9 means moving beyond perimeter-based defence and adopting a zero-trust architecture. It means specific, identity-based access to individual resources, not the entire network. This approach replaces weak perimeters with robust multi-factor authentication and granular, context-aware authorisation.

I recently hosted a webinar breaking down exactly why legacy tools fail these new requirements and how to architect a compliant, zero-trust solution for your critical infrastructure.

Watch the full webinar: NERC CIP-003-9: Why your VPN is a compliance dumpster fire

GitHub's Online Schema-migration Tool for MySQL

Go 13.3k 2 issues need help Updated Mar 18

If you’ve been spending time around Brickhouse lately, you may have noticed a new face behind the scenes.

Alex Shellington has recently joined the Brickhouse team, bringing with him a deep passion for guitars, recording, and the craft of great sound.

Alex is a recent graduate of the Ontario Institute of Audio Recording Technology (OIART), where he earned a Diploma in Audio Recording Technology. During his time there, he developed a strong foundation in recording, mixing, sound design, and music production, working on a variety of creative projects including film scenes, animation, and commercial audio.

Today, Alex is one of the people helping run Octane Studios, the recording studio located inside The Octave Music Centre, Brickhouse’s sister location. Working in a studio environment has given him a unique perspective on guitars, particularly how different instruments translate when they’re placed in front of microphones.

In the studio, subtle differences in tonewoods, body shapes, and construction quickly reveal themselves. A guitar that feels great in the hands can take on an entirely new character when captured through a microphone. That experience has shaped Alex’s appreciation for boutique acoustic guitars, where careful craftsmanship and thoughtful design make a noticeable difference in tone, balance, and responsiveness.

Before stepping into the studio world, Alex also spent time working at The Octave Music Centre as a sales representative and guitar technician, helping players find instruments that suited their style while also performing setups and maintenance work.

At Brickhouse, Alex is excited to bring together his interests in guitars, recording, and the finer details of acoustic tone. Whether it’s helping showcase new instruments, creating content, or simply talking shop with fellow players, he enjoys exploring what makes each guitar unique.

After all, when you spend enough time in a recording studio, you quickly learn that the right instrument can make all the difference.

And sometimes, the smallest details in a well-built acoustic guitar are exactly what make a performance come alive.

♦

OUR VISION

To be a gateway to safety, support and a future without abuse for her and her children.

OUR MISSION

Halton Women’s Place will provide a safe haven, information, and education to support a future without abuse for women and their children.

VALUES

Halton Women’s Place will:

• Make emergency shelter and/or crisis services accessible to all abused women and their dependent children.
• Provide crisis services and information to women and children living in the shelter and in the community at large.
• Provide non-judgmental, empathetic crisis counseling for all abused women and their dependent children.
• Design and implement strategies to inform and empower abused women and their dependent children to make decisions about their safety, rights and options.
• Design and implement strategies to promote and provide public education to end violence against women and children.

Halton Women’s Place (HWP) is an independent, not for profit charitable organization that provides shelter and crisis services for physically, emotionally, financially, and sexually abused women and their dependent children and is dedicated to ending violence against women and their children.

The HWP Governance Committee of the Board of Directors is seeking a new Board Member who is passionate about our mission and values to join our Volunteer Board.  We are recruiting a Board Member who reflects the diversity of our community to ensure a broad spectrum of perspectives are represented in decision making. Serving on the Board is an extraordinary opportunity for individuals who share HWP’s vision and who live in one of the communities within Halton. The selected Board Member will have previous board experience in addition to leadership skills in any of these key areas; business, law, health care, government, philanthropy or the non-profit sector.

As a Board Member, you will be required to:

• Participate fully in the deliberations of the Board, encourage open discussion, ask relevant and probing questions at the strategic level.
• Review management’s strategic plans and initiatives, provide input on, and monitor performance.
• Provide financial oversight, assessing and monitoring program costs, ensuring organizational financial health.
• Consider principal risks and provide recommendations on how best to manage and mitigate.
• Monitor and assess the Board’s effectiveness in fulfilling all the responsibilities of its mandate.
• Work collegially as part of a team, respecting the views of others on the Board.
• Demonstrate a commitment to learning, taking advantage of opportunities for continued development.

As a Director, you will serve a term of three years, with eligibility for reappointment for one additional term.

Meetings of the Board of Directors are currently held on the last Wednesday of each month from 6:00-8:00 pm except for July and August when no meetings are held.  Board members also serve on committees as needed.  Board meetings alternate between being held in person in Burlington, Ontario and virtually.

If you would like to be part of a dynamic, committed, volunteer Board of Directors that will impact the lives of women and their children in Halton, please apply with a brief cover letter and resume, clearly stating the reasons why you would be an excellent candidate for this position.

All applications received will be reviewed by the Governance Committee.  Candidates who are shortlisted will undergo interviews with committee members, and the final list of potential candidates will be presented to the Board.  Those who are chosen will be required to attend Board meetings before being officially nominated for election at Halton Women’s Place Annual General Meeting which will take place in June, 2026.

Halton Women’s Place is committed to an inclusive Board selection process to attract all candidates.  Matters related to Board and committee members are guided by principles that embrace values, policies and practices that ensure all people represented are treated fairly in the work of our mission and delivery of service, without regard to race, ethnicity, age, physical or mental disability, sexual orientation, gender, gender identity, socioeconomic status, marital status, religion or other bias. HWP welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process.

To apply, please reach out to Cathy Mudge at cmudge@haltonwomensplace.com by April 3rd, 2026.

Join us in making a difference in the lives of women and children in our community.

The post Halton Women’s Place appeared first on Capacity Canada.

I am curious as to how many citizens don't know that the main purpose of so called third party consultants is to do almost the same thing as public consultation does. That is to give a veneer of credibility and respectability to Council decisions that are more likely to be politically motivated than factually motivated. Indeed it is possible sometimes to have an overlap between good politics and good governance.  Just not often enough.

Today's K-W Record has an article by reporter Bill Jackson titled "Council orders water capacity review".  In fact that's a bit of a misnomer. The review being ordered is a review of water capacity reporting and communicating processes. That's a whole different beast.  Councillor Doug Craig suggests that it won't be about assigning blame. Well darn what's the fun in that? We the citizens and paying taxpayers want names. We want to hang people in effigy. We want accountability and let the chips fall where they may whether it be politicians or staff. We want guilty, incompetent or negligent people turfed whether from regional council or regional staff. Hmm it makes me suspect that this review may be no more than a glad handing exercise. Put some obvious reporting triggers onto paper as well as even more frequent sending of memos upstairs to staff supervisors to continue being ignored while publicly praising the consultants and everybody else involved. Isn't that generally how politicians work?    

The request to the province to put a pause on new or expanded water taking permits has been deferred to March 25/26 ostensibly. There was also discussion around a Lake Erie pipeline. You know that that water will most likely be treated at least enough not to cause immediate, debilitating pain or disease.  I mean right now our water, food and air have already been horribly contaminated and compromised albeit within carefully selected parameters. Did you know that Health Canada and Ontario Health are routinely lobbied for reduced health criteria by business and industrialists? To clarify, by reduced health criteria I don't mean lower concentrations of contaminants, I mean less stringent standards allowing higher concentrations of toxic chemicals in our food and water and air.

Along with the Lake Erie discussion there was also concern expressed by some regional staffers (Kenneth Brothers) who suggested that "We have to be very cautious in that we're vulnerable in terms of the aquifer restrictions.".  I believe that this information is the most important to have as soon as possible. Until the Region know absolutely the water levels of the various aquifers in and around the Waterloo Moraine ( & others) it is impossible to know what long term sustainable pumping amounts really are.   

The speed to chaos is going up. In our highly connected, digitally dependent world, a single compromised update or a targeted cyberattack can bring global operations to a grinding halt in a matter of minutes. We have seen this play out twice in recent memory with devastating consequences: the 2024 CrowdStrike outage and the recent breach of Stryker by the Handala threat group.

While the root causes of these two events differ—one was a flawed software update, the other a malicious state-sponsored attack—the underlying vulnerability is identical. Both incidents expose the profound risk of relying on homogeneous, centrally managed, and self-updating software across critical infrastructure and manufacturing sectors.

In July 2024, a faulty configuration update deployed by CrowdStrike caused approximately 8.5 million Microsoft Windows systems to crash globally. The update bypassed traditional staging and directly impacted the operating system kernel. The result was immediate and catastrophic: airlines grounded flights, hospitals cancelled procedures, and manufacturers halted production lines. The outage was not the work of a bad actor, but it demonstrated how a central system with direct access to millions of endpoints could instantly become a single point of failure.

Fast forward to the recent cyberattack on Stryker, a major medical technologies corporation. According to reports, the threat actor known as Handala compromised Microsoft Intune, a cloud-based endpoint management solution used by Stryker. By gaining control of this centralised management tool, the attackers were able to wipe an estimated 200,000 managed devices, including the personal devices of employees connected to the corporate environment. The attackers also defaced the corporate login pages, signalling a deep compromise of the identity infrastructure.

In both cases, the architecture designed to secure and manage devices efficiently became the very weapon used to dismantle the network. When every machine runs the exact same software, listening to the exact same central server for commands, a single flaw or compromised credential can deploy chaos universally.

As the speed to chaos goes up, the time security teams have to react is rapidly going down. Automated systems push updates or malicious payloads across global networks in seconds. By the time an alert triggers in a security operations centre, the damage is already done.

Conversely, the time to repair is going up. Wiping out or bricking a device remotely is fast; recovering it is painstakingly slow. Following the CrowdStrike outage, IT teams had to manually reboot affected machines into safe mode and delete problematic files—a process that took days or weeks for large enterprises. For Stryker, the challenge is even more daunting. How long will it take to securely rebuild and restore 200,000 corporate and personal devices?

The collateral damage extends beyond just the hardware. Modern security architectures heavily rely on multi-factor authentication to verify identities. However, when multi-factor authentication tokens or authenticator applications are tied to the very devices that have been wiped or locked, users lose their primary method of identity verification. Employees are suddenly locked out of alternative communication channels, backup systems, and recovery tools, significantly compounding the crisis and delaying the restoration of operations.

For industrial and manufacturing environments, the stakes are exponentially higher. Operational technology networks are increasingly converging with enterprise IT systems. The convenience of using centralized endpoint management tools across both environments creates an unacceptable risk profile.

If a state-sponsored actor can leverage a tool like Intune to wipe corporate laptops, what stops them from pushing malicious updates to the engineering workstations that control PLCs and industrial processes? The homogeneous nature of these networks means that an attacker does not need to understand the nuances of every individual machine; they only need to compromise the central authority.

As we have detailed in our analysis of why vendor remote access is a critical vulnerability, granting broad, unsegmented access to third-party tools and vendors introduces severe supply chain risks. A compromised vendor or a hijacked central management platform bypasses the traditional perimeter, delivering chaos directly to the core of the business.

To break this cycle, organisations must move away from blind trust in central, monolithic platforms. Instead, we must architect for resilience. This means adopting a true zero trust architecture that limits the blast radius of any single failure or breach.

• Isolate critical infrastructure: Ensure that management tools used for enterprise IT do not have unfettered access to operational technology environments.
• Implement pairwise authorisation: Access should be granted on a strict person-to-resource basis. A central management tool should not inherently possess the rights to wipe all devices simultaneously without additional, out-of-band verification.
• Decouple identity from a single point of failure: While multi-factor authentication is essential, organisations need robust, secondary recovery mechanisms that do not rely on the same endpoint devices that are vulnerable to mass-wipe attacks.
• Eliminate inbound connectivity: Stop relying on broad VPN access that connects entire networks. Use secure, outbound-only connections to provide access exclusively to the specific applications and resources an individual needs.

The lesson from CrowdStrike and Stryker is clear: efficiency and centralisation cannot come at the cost of resilience. As attackers continue to target the very tools designed to manage our networks, our defensive strategies must evolve to contain the damage and preserve the continuity of critical operations.

Are you ready to rethink your approach to secure remote access and protect your industrial operations from systemic failures? Contact Agilicus to learn more about how a zero trust architecture can insulate your business from the rising speed of chaos, or book a meeting with our team today.

I did mention yesterday that there were both LNAPLS (light non aqueous phase liquids) as well as DNAPLS  (dense non aqueous phase liquids) on the 62 Union St. Varnicolor Chemical site. Those alone could have destroyed any chances of cleaning up the Elmira Aquifers either solely or mostly with pump & treat technology.  This is because both LNAPLS and DNAPLS have a low solubility in water and tend to either float on the surface of ground and surface water (LNAPLS) or at the bottom of aquifers (DNAPLS) and only slowly dissolve into the water  over a period of decades or even centuries. Hence they are an ongoing almost never ending source of contamination in the subsurface.

Add to that the recent statements (yesterday's Blog posting)  in which Jesse Wrighte of Arcadis Inc. advised TRAC, the MECP, the Region and the Township of multiple nearby Varnicolor Chemical companies who used chlorobenzene in their processes. How extraordinarily strange that that little tidbit took 35 years to be released publicly. Also extraordinarily strange that a solvent recycler like Varnicolor Chemical allegedly never used and abused chlorobenzene on their site as they did virtually every other solvent they dealt with. That is strange because chlorobenzene is a very common solvent both used as an intermediary in production processes (i.e. Uniroyal Chemical) as well as with paint manufacturers and auto body shops as well as car manufacturers all of whom were clients of Varnicolor Chemical. Does anyone really wonder why I have been calling out those in charge of our failed cleanup as dishonest swine or worse?

Then there is the incredible attempts by the Ontario Ministry of Environment (M.O.E./MECP) to cover up the illegal activities of Varnicolor Chemical. Their efforts stopped at nothing. They lied about everything. But for two things they might have gotten away with it. Firstly despite being ordered years previously to erect fences around Lot 91 they never did. Good fences make good neighbours but I and others had no qualms about gathering evidence including video and photographs which constantly refuted the Ministry's lies. Then there was my inside person at Varnicolor. I did hear at one point that Severin suspected his office manager Jeanette. I hope that wasn't so because she was a loyal and dedicated employee unlike myself who found more than a couple of employers over the decades to be absolute a**holes with Severin Argenton being front and centre.  My inside person tipped me off constantly as to what was happening or going to happen at Varnicolor next. This even included the Glen McDonald fiasco in which he was fired by the Ministry of Environment and charged by the Crown for tipping off Mr. Argenton about an upcoming police and Ministry raid of his property (62 Union & Howard Ave. property). 

Lastly of course is the problem of low concentrations of dioxins dissolved in Elmira's groundwater despite all howls and protests by our favourite polluter to the contrary.  I mean seriously after 36 years of delay, deception, manipulation and lying only fanatical, pro business, left hating, anti communist, anti socialist ideologues would put weight on any gross polluters' opinions. Until PROVEN otherwise I have to ask exactly how keen are pro NDMA drinkers going to be about including even low concentrations of incredibly toxic  2,3,7,8 TCDD (dioxin) to their morning coffee. 

So go ahead and mix Elmira water with the low level solvents and stuff already in our Integrated Urban System (IUS) and watch another social problem of too few workers supporting too many seniors also disappear, me included.

The SERC Reliability Corporation recently released its highly anticipated 2024-2026 Regional Risk Report, offering a stark assessment of the threats facing the bulk power system. Among the findings, one reality is undeniable: the modern grid is more interconnected than ever, and that connectivity is introducing unprecedented cybersecurity risks. While the report highlights several areas of concern, the exploitation of vulnerabilities through vendor remote access and legacy systems stands out as a critical, immediate threat to operational technology environments.

According to the SERC assessment, the rapid digitalization of our power grid and infrastructure brings profound benefits but equally profound vulnerabilities. The report identifies supply chain constraints and the exploitation of vulnerabilities as top-tier risks requiring active management. It is no longer sufficient to merely patch systems. The reliance on third-party service providers and cloud-based services for operational support has fundamentally altered the attack surface.

Threat actors are highly motivated and well-resourced. They understand that compromising a single third-party vendor can provide a backdoor into highly secure environments. The SERC assessment specifically calls out vendor remote access as a primary cyber security risk within the supply chain. When vendors require access to internal systems for maintenance, diagnostics, or operations, traditional security perimeters dissolve.

Historically, organizations provided remote access via virtual private networks. A vendor is given credentials, they log in, and they are granted broad access to the internal network. This architecture treats the network perimeter as a hard shell, assuming everything inside is trusted.

However, the SERC risk report underscores the danger of this approach. If a vendor’s credentials are compromised—whether through phishing, malware, or a breach of the vendor’s own systems—the attacker inherits that trusted status. Once inside, they can move laterally, mapping the network, identifying critical systems, and preparing for disruptive action. In industrial environments governed by strict compliance mandates like the North American Electric Reliability Corporation Critical Infrastructure Protection standards, this level of unchecked lateral movement is a catastrophic failure.

Another major theme in the SERC report is the challenge of legacy architecture compatibility. Critical infrastructure relies heavily on programmable logic controllers and human-machine interfaces that were designed decades ago. These systems prioritize availability and reliability over security. They often lack native authentication mechanisms, cannot support modern encryption, and cannot run endpoint detection software.

When you combine insecure legacy systems with broad vendor remote access, the risk compounds exponentially. A compromised vendor account accessing a network filled with undefended legacy controllers is a worst-case scenario. Organizations cannot simply rip and replace these legacy systems—the capital expense and operational disruption would be immense. Instead, the security must be overlaid, intercepting and inspecting every request before it ever reaches the vulnerable controller.

To mitigate the risks outlined by the SERC report, organizations must abandon perimeter-based trust and adopt a zero trust architecture. This model assumes that no user, device, or application is inherently trusted, regardless of whether they are internal or external.

In a zero trust environment, access is determined by identity and context, not by network location. Every request must be authenticated and authorized. This is where securing critical infrastructure requires a modern approach. Instead of providing a vendor with a virtual private network connection that grants network-level access, access is restricted to the specific application or system they need to perform their job, and nothing else.

Crucially, this access must be protected by strong, phishing-resistant multi-factor authentication and integrated with existing single sign-on providers. This ensures that the person accessing the system is exactly who they claim to be. If an anomaly is detected—such as a login from an unexpected geographical location or an unfamiliar device—access can be dynamically revoked.

For entities navigating the complexities of the North American Electric Reliability Corporation Critical Infrastructure Protection standards, modernising remote access is not just a security imperative; it is a compliance requirement. The SERC findings make it clear that regulators and assessors are acutely aware of the risks posed by supply chains and vendor access.

By implementing strict identity and access management, organizations can provide a detailed, immutable audit trail of every action taken by every user. You know exactly who logged in, when they logged in, what system they accessed, and what actions they performed. This level of visibility is impossible to achieve with shared credentials and legacy remote access tools.

The SERC 2024-2026 Regional Risk Report is a vital reminder that the threats to our power grid and essential services are evolving rapidly. Supply chain attacks are no longer theoretical; they are a primary attack vector. Relying on outdated security models to protect decades-old infrastructure is a recipe for disaster.

We must embrace an architecture that acknowledges this reality. By removing the network from the equation, enforcing strict identity verification, and adopting true micro-segmentation, organizations can provide vendors with the access they need without compromising the integrity of their operational technology environments.

It is time to stop building higher walls and start securing the assets themselves. If you are ready to eliminate the risks of vendor remote access and bring true zero trust to your legacy systems, contact us today.