Insights > Learn

Why Canada’s digital security depends on prioritizing homegrown technology

Friday, February 21, 2025

Canada's procurement practices are putting our digital future at risk. While tariffs and trade policies dominate headlines, the deeper issue is our reluctance to invest in homegrown technology. Canadian cybersecurity startups struggle to gain recognition at home, often having to prove themselves abroad first.

Every time we opt for international cybersecurity solutions, we miss the opportunity to build industry expertise, secure intellectual property and strengthen our ability to protect against digital threats. Countries like the U.S., Germany, and Israel invest in their startups, ensuring they lead technologically and economically. Canada must break this cycle and trust its own innovation for a more secure and resilient future.

A lesson in common challenges

In 2022, the Communitech Future of Cities program, which has evolved into Communitech Fast Track collaboratives, identified the top technological challenges facing Canadian municipalities. Digital infrastructure security was the top concern. Cities are rapidly digitizing with smart traffic systems, water treatment and connected streetlights. These solutions are making things more efficient but they come with risks. A cyberattack on critical infrastructure, for example, could endanger public safety.

Despite the growing need for cybersecurity solutions, Canadian cybersecurity business leaders have told me they’ve struggled to gain traction domestically, with municipalities often turning to U.S. or European vendors. This reflects the larger issue that our procurement system isn’t aligned with our national interests.

A pattern of resistance

I still remember sitting down with a group of Canadian cybersecurity entrepreneurs to understand their challenges in selling to the domestic market. One founder joked that getting Canadian agencies to buy local cybersecurity tech before it’s internationally validated would be easier than curing cancer.

Time and again, I heard that breaking into the U.S. market was easier than securing contracts at home. The issue wasn’t quality, pricing or compliance. It was perception. Canadian buyers, especially in government, hesitate to take risks on unproven domestic solutions, which hurts startups and hinders the growth of our homegrown cybersecurity sector.

The Canada-Ukraine Security Innovation Challenge (CUSIC) was designed to identify cutting-edge cybersecurity solutions from both countries. It highlighted some Canadian solutions, but these technologies weren’t adopted in Canada. Even with government interest in supporting innovation, systemic barriers are getting in the way of progress.

The list of Canadian cybersecurity success stories continues to grow with world-class companies like Arctic Wolf, eSentire and 1Password, but these organizations are seeing more success and growth south of the border.

In the U.S., the Defense Innovation Unit (DIU) fast-tracks emerging cybersecurity technologies for government use, ensuring local companies succeed before going global. Germany’s IT Security Act and Cyber Security Strategy prioritize local solutions and provide funding for firms to develop cutting-edge technologies. Similarly, Israel integrates government-backed procurement policies into its defense strategy, supporting collaboration between public and private sectors to build one of the world’s most advanced cybersecurity industries. If Canada wants to compete globally, it must adopt similar procurement models that support local firms.

A new model for Canadian procurement

Cybersecurity is critical across all industries. A breach in health care, for example, can put lives at risk. In October 2023, ransomware attacks on five hospitals in southwestern Ontario forced critical systems offline for weeks, delaying life-saving treatments and exposing sensitive information. The hospitals affected - Windsor Regional, Erie Shores HealthCare, Hôtel-Dieu Grace, Bluewater Health, and Chatham-Kent Health Alliance - fought hard to get things back up and running, highlighting the devastating toll cyber threats take on Canada’s health-care system. 

Even after these breaches, procurement policies still favour international vendors, despite excellent homegrown solutions. In sectors like energy, mining, and construction, Canada’s slow adoption of local cybersecurity solutions leaves gaps that cybercriminals can exploit.

In the energy sector, Canada’s been slow to adopt local solutions for securing power grids, nuclear plants and hydroelectric facilities. The complicated procurement process means international vendors, many with long-standing contracts, continue to lead, even though Canadian companies have cutting-edge innovations to offer. It’s the same story in industries like mining and construction, where businesses often have to jump through costly and redundant approval hoops across provinces, even when their solutions are already vetted in other parts of the country.

Canada’s approach to procurement is still fragmented across every industry. From digital security to health care, energy, mining, and construction, each sector has its own lengthy and complicated procurement processes, with little coordination between them. This means Canadian companies have to cut through a maze of bureaucratic red tape just to get a foot in the door at home, even when their solutions have already proven successful in other parts of the country. This lack of coordination stifles innovation, slows down adoption, and forces companies to look outside Canada for their first big contracts, instead of being able to scale efficiently here.

Also, if a cybersecurity solution is approved in one province, it should be easier for other provinces to adopt it, yet each jurisdiction goes through its own evaluation. Streamlining procurement would help Canadian companies scale efficiently at home and abroad.

Canada has shown it can act quickly when needed. The $100 million Starlink contract was approved in record time to improve connectivity in remote areas. Liquor restrictions were rapidly adjusted to counter U.S. tariffs, showing that economic priorities can override bureaucratic inertia. Provincial bidding restrictions have been imposed on U.S. firms in the past, proving that Canada can prioritize its own interests when necessary. 

If we can make bold decisions for external challenges, why not do the same for our own tech sector?

Streamlining the process, keeping standards high

Regulatory oversight is essential to maintaining cybersecurity standards. Too much bureaucracy can stifle progress. Streamlining compliance and cutting back on administrative hurdles will help Canadian firms get their innovations to market faster without sacrificing security or performance. 

More importantly, procurement reform should ensure that once a Canadian company has successfully navigated the process in one jurisdiction, it doesn’t need to start from scratch elsewhere. When one city or province approves a domestic solution, that decision should serve as a benchmark for others, speeding up adoption nationwide. This model has worked in other countries and can reduce redundancies, allowing Canadian firms to scale without unnecessary delays.

We need a new approach that builds on the Future of Cities model but applies to all industries. A centralized strategy for cybersecurity procurement would not only improve national security but also create a clear path for Canadian startups to grow and thrive within their own country. 

Collaboration for a stronger future

The strength of our digital infrastructure, economic resilience, and technological sovereignty depends on a shift in how we approach procurement.

The good news? We’re already on our way. At Communitech, we’re actively reshaping procurement with initiatives like CAN Health, which works to ensure Canadian innovation gets tested and adopted here first. This helps our companies gain validation at home before seeking international recognition.

The Communitech Fast Track collaboratives, an evolution of the successful Future of Cities initiative, is already helping technology providers and public-sector buyers connect and work together. By acting as a trusted intermediary, we’re reducing risks, streamlining evaluations and speeding up the adoption of Canadian innovations across industries. Through structured selection, evaluation and collaboration, we’re removing friction and accelerating the use of homegrown solutions.

Canada has the talent, innovation and expertise to lead. But leadership requires action. If we want change, we need to act together. Governments, businesses, and tech providers, working as one to ensure Canadian solutions are the first choice whenever possible. If we fail to support and secure Canada’s digital future today, the cost will be much higher tomorrow.

Karson Simpson

Public Relations Manager, Communitech

Karson Simpson is the Manager of Public Relations at Communitech, where she amplifies the stories of Canadian tech companies and the people building them. Karson’s background is in research, public policy and communications.

Communitech logo

Communitech Hub

151 Charles Street West, Suite 100,
Kitchener, Ontario, Canada, N2G 1H6

Proud member of Canada's Tech Network

Hours: Monday - Friday 8:30 a.m. - 5 p.m. ET
Phone: +1 (519) 888-9944
Email: front.desk@communitech.ca

Communitech

Our story
Careers
Board of Directors
Media & Reports
Advocacy & Impact
Policies

Canadian Tech

Canada's Tech Network

The Essentials

Events
Programs
Insights

Connect with us

      

 

Get our newsletter

Stay informed! Sign up for the Communitech Your Month In Tech newsletter.

Government of Ontario logo

Government of Canada logo

Communitech acknowledges that the Hub is situated on the Haldimand Tract, land that was granted to the Haudenosaunee of the Six Nations of the Grand River, and are within the territory of the Neutral, Anishinaabe, and Haudenosaunee peoples.

© Communitech Corporation. All rights reserved. Communitech and its respective programs are registered trademarks in Canada and the United States