Cybersecurity

Join ITIF for an expert panel discussion on the current state of federal privacy negotiations and the path forward for Congress.

Please join ITIF’s Centre for Canadian Innovation and Competitiveness for a virtual panel on what Bill C-22 would actually do, why building in backdoors tends to introduce new security risks rather than contain them, and what a more targeted approach could look like.

Please join the Centre for Canadian Innovation and Competitiveness for the first in a series of virtual panels this summer on Canadian tech policy. This discussion will examine how Canada should think about sovereignty in cloud and compute, what current proposals get right and wrong, and what a more disciplined approach to digital dependence would look like.

The United States’ patchwork approach to privacy is unworkable in the long term. But that patchwork is already here, and Congress can learn from the policies states have implemented to craft a national data privacy framework.

As AI-powered cyber threats become more advanced, the federal government should modernize the CyberCorps SFS program by integrating AI-security training, reforming cyber hiring pipelines, and expanding training infrastructure to build a stronger cybersecurity workforce.

Requiring government approval before releasing advanced AI models would slow innovation, politicize AI development, and weaken U.S. competitiveness. Instead, policymakers should focus on collaborative safety efforts and strengthening cybersecurity.

Cyberattacks are rising across state and local governments, and the blog recommends that all states adopt coordinated strategies, clear standards, and stronger cyber capabilities to close security gaps and improve resilience.

State and local governments face rising cybersecurity risks that strain budgets, disrupt services, and erode public trust. Governments need targeted investments in modern infrastructure, continuous monitoring, and stronger third-party risk management to protect critical services.

Canada’s cloud debate is asking the wrong question—control, not domestic ownership or server location, is what determines security and resilience in practice.

While the U.S. has focused on securing AI systems themselves, it must urgently shift toward using AI defensively—through coordinated government, industry, and infrastructure efforts—to counter the growing threat of AI-powered cyberattacks on existing systems.