Artist's rendition of Carleton U's Arise building, where the Canadian Cybersecurity Innovation Institute will be located. Graphic from Carleton University

Published: May 8th, 2018

Clarification: On May 17 Carleton University told ITWC  that while an arrangement with the Canadian Cybersecurity Innovation Institute has been discussed, a deal has not yet been finalized. The story has been updated to reflect this. The story should also have made it clear that any agreement with a university would be with the Institute. CATA would be a supporting partner.

One of the problems small and medium-sized Canadian software companies face is that the federal government doesn’t buy enough of their solutions. SMBs are told if Ottawa seemingly has a lack of faith in their products, why should others – including buyers in foreign markets – take a risk?

Many of these companies might hope a proposed new facility in the capital will be the answer.

Called the Canadian Cybersecurity Innovation Institute (C2I2), it would serve multiple functions: A place where new solutions could be tested to show the federal government they have the security Ottawa needs; and could show they can scale for the biggest of commercial buyers here and around the world. In addition, the institute would sell cyber security training to organizations.

Backers would like the institute to be housed in Carleton’s Arise (Advanced Research and Innovation in Smart Environments) building, now under construction. There have been discussions with the university, but a final agreement has not yet been reached.

One of those supporters is the Canadian Advanced Technology Alliance. In an  interview Katherine Thompson, chair of CATA’s cyber council, says the goal of the institute is to create a showcase for Canadian innovation.

Thompson said the plan calls for a data centre for testing applications, and an executive and a program director. If the institute is part of a university, doctoral students and researchers would also be available on contract. It would be funded in part by public and private sector memberships. An executive director will be announced shortly, Thompson said.

Meanwhile, she said, the first cyber security training courses will be available by the end of this month.

Ottawa was chosen in part because the federal government is a big purchaser of IT solutions. The city also houses the Defence department, which includes the Communications Security Establishment (CSE), charged with protecting federal IT networks and infrastructure, as well as the new Canadian Centre for Cybersecurity; and the RCMP’s new National Cybercrime Co-Ordination Centre.

“We’re trying to bring together those [organizations] with big problems – the federal government, Defence, critical infrastructure – with those that have the ability to solve those problems, whether through research or innovation,” Thompson said.

In a way the institute grew out of CATA’s hope cyber security would be one of the five approved federal innovation superclusters announced earlier this year. Thompson also credits Ottawa millionaire entrepreneur Terry Matthews with telling CATA that around the world countries are pushing their cyber security sectors –notably Israel – but not Canada.

Ultimately the federal government chose not to fund a cyber security supercluster. However, Thompson argues, “in any type of innovation [product] security by design should be a foundational consideration in Canada,” and will need the use of the institute.

Part of the institute’s function will be a place where the public and private sectors can say “here’s what we need” to innovators, she said.

As for the federal government, Thompson said its procurement process is “arduous, very labor-intensive, and sometimes it doesn’t give government the chance to see innovation at the cutting edge. By the time they get through the process that innovation becomes status quo.” The institute will give Ottawa the opportunity to see innovative products early.

“We don’t do a very good job of investing in home-grown technology. So we’re hoping through a number of affiliations we’re going to build a better showcase or platform for what’s happening. There’s fantastic work being done [by solution providers] but we don’t have a venture-rich culture like we see in other countries.” One of those affiliations is with CyberSecurity San Antonio, a Texas hub for startups.

When the lab opens three projects – two involving blockchain, and one for autonomous vehicles – have already been selected for testing.

The other leg of the institute is cyber security training for employees and the C-suite, to help close the gap in the demand for experienced cyber security engineers. While a number of higher-education institutions here are increasingly turning out students there won’t be enough of them for a few years. That gap can be filled with professional development courses, Thompson said.

These will include five-day courses in forensics, incident response and in malware analysis; three-day courses in insider threat training and in cloud security; and in board/C-level training.



Related Download
How GDPR can be a strategic driver for your business Sponsor: Micro Focus
How GDPR can be a strategic driver for your business

Register Now