Cybersecurity

Join ITIF for an expert panel discussion on the current state of federal privacy negotiations and the path forward for Congress.

Please join ITIF’s Centre for Canadian Innovation and Competitiveness for a virtual panel on what Bill C-22 would actually do, why building in backdoors tends to introduce new security risks rather than contain them, and what a more targeted approach could look like.

The National Vulnerability Database is struggling with growing backlogs, outdated processes, and overlapping responsibilities that threaten its effectiveness. NIST should improve coordination with CISA, modernize vulnerability management systems, and strengthen stakeholder engagement to restore trust and efficiency.

Watch the first event in the Centre for Canadian Innovation and Competitiveness's series of discussions on Canadian tech policy. This discussion examined how Canada should think about sovereignty in cloud and compute, what current proposals get right and wrong, and what a more disciplined approach to digital dependence would look like.

The United States’ patchwork approach to privacy is unworkable in the long term. But that patchwork is already here, and Congress can learn from the policies states have implemented to craft a national data privacy framework.

As AI-powered cyber threats become more advanced, the federal government should modernize the CyberCorps SFS program by integrating AI-security training, reforming cyber hiring pipelines, and expanding training infrastructure to build a stronger cybersecurity workforce.

Requiring government approval before releasing advanced AI models would slow innovation, politicize AI development, and weaken U.S. competitiveness. Instead, policymakers should focus on collaborative safety efforts and strengthening cybersecurity.

Cyberattacks are rising across state and local governments, and the blog recommends that all states adopt coordinated strategies, clear standards, and stronger cyber capabilities to close security gaps and improve resilience.

State and local governments face rising cybersecurity risks that strain budgets, disrupt services, and erode public trust. Governments need targeted investments in modern infrastructure, continuous monitoring, and stronger third-party risk management to protect critical services.

Canada’s cloud debate is asking the wrong question—control, not domestic ownership or server location, is what determines security and resilience in practice.