Canada faces a mounting cyber crisis, yet remains woefully underprepared. In recent years, dozens of Canadian organizations (from hospitals to utilities to federal agencies) have been hit by sophisticated cyberattacks, causing service disruptions and data theft. Hospitals in Ontario were paralyzed by ransomware, interfering with patient care, and even national systems like emergency alerts were crippled by hackers. Meanwhile, global events, such as the SolarWinds and Microsoft Exchange hacks, the Colonial Pipeline ransom, and others, have shown that no society is immune to cyber aggression. Yet Canada’s official strategies and resources have lagged these threats. As Public Safety Canada notes, as part of Canada’s National Cyber Security Strategy (2025), “the number of incidents Canada experiences every year continues to grow” even as the country takes steps on cyber defense. In essence, Canada’s cybersecurity defenses are outdated and underfunded just when they need to be stronger than ever.
How Did We Get Here?