This op-ed first ran in the Toronto Star on June 22, 2025.
As global tensions rise and the trade war continues, countries are bracing for conflict amid growing cyberthreats, all while the U.S. weakens its own cyber defences by dismantling federal initiatives. Making matters worse, generative AI is increasing both the scale and complexity of attacks, as well as driving disinformation campaigns that disrupt elections, weaken institutions, and chip away at public trust. Many nations are racing to prepare for a new era of cyber warfare that blurs the line between traditional conflict and virtual aggression.
After securing a new government, Canada now faces a pivotal moment. We cannot afford to fall behind in cybersecurity. In fact, we need to lead the charge.
Canada relies on many of the same social media platforms, cloud services, software providers, and hardware supply chains as the United States. Our economies are linked, our communications systems are intertwined, and our essential services are often protected by the same technologies — and threatened by the same vulnerabilities.
Cyberattacks and potential disruptions of digital infrastructure erode public trust in democracy and public services. They also expose sensitive data, inflict millions in economic losses, and jeopardize public safety and national security.
The federal government is, however, showing renewed focus on digital resilience, underscored by the appointment of Canada’s first Minister of AI, Evan Solomon. Prime Minister Carney has also begun shaping international cyber partnerships and pledging major investments in defence and digital infrastructure. But ambitious plans must translate into action. Past strategies fell short, and the new federal cyber action plan has yet to take shape publicly.
In 2025, Canada must massively scale up its own cybersecurity capabilities and invest in Canadian cyber like never before. That means that governments must significantly increase their funding in detecting AI-driven threats, proactively share intelligence and co-ordinate responses across the public and private sectors, and double down on building long-term resilience, particularly when protecting our critical infrastructure.
Here’s what Canadian cyber leadership needs to look like now.
First, we must train the next generation of cyber professionals to meet the complex and evolving threats of this era. While there’s growing concern about a talent shortage, we still lack a clear understanding of where the most critical gaps truly lie. Cybersecurity is a broad, interdisciplinary field, and our national response must reflect that reality.
Canada must invest boldly in cyber education and workforce programs across all sectors. That means not just engineers and analysts, but also executives (decision-makers), procurement specialists (buyers), and IT professionals (implementers). Cybersecurity can no longer be siloed; it must become a core competency across entire institutions. The threats are complex, and our response must be equally comprehensive.
Second, we must build resilient public institutions. Public sector systems are particularly vulnerable to cyber threats, with critical systems like election infrastructure, health-care networks, and municipal water treatment plants increasingly vulnerable. Yet many government systems remain outdated and underfunded, with cybersecurity investments falling short of the risks they face. All levels of government must be equipped to detect and respond to evolving threats with enhanced training, adequate resources, and clear protocols.
Third, we must ensure Canadian businesses have access to the cyber expertise they need to stay secure, especially small and medium-sized enterprises, which are frequently left vulnerable. These companies must have access to tools, training, and funding to identify and address threats before they cause harm.
The government should also invest in and support homegrown cyber companies, expand access to grants, build shared intelligence platforms, and partner with industry to develop scalable, sector-specific solutions that position Canada as a global cybersecurity leader.
At its core, cybersecurity is not just a tech issue — it’s a people issue. Our response must prioritize the professionals who defend our systems, the citizens who rely on trustworthy information, and the businesses and communities most vulnerable to attacks.
We need a national strategy that prioritizes intelligence sharing, workforce development, and proactive public policy that meaningfully engages the public, private, and academic sectors to build solutions together — and most importantly, reflects the scope and pace of today’s cyber landscape.
We must lead now — to protect what matters and build what’s next
