CFOtech Canada - Technology news for CFOs & financial decision-makers
Canada

Guides

#
artificial intelligence
#
data analytics
#
digital transformation
#
fintech
#
health technologies

Search

Worried businessperson warning screens robotic hand lock canadian cityscape
#
Firewalls
#
Advanced Persistent Threat Protection
#
Breach Prevention

Canadian firms struggle with AI in cybersecurity amid talent gap

Thu, 9th Oct 2025
Author image
By Shannon Williams, Journalist

New findings from Fortinet's latest 2025 Global Cybersecurity Skills Gap Report indicate that Canadian organisations are adopting artificial intelligence (AI) to bolster cybersecurity, but a persistent shortage of skilled professionals is hindering progress and exposing companies to greater risk.

The report is based on responses from over 1,850 IT and cybersecurity leaders worldwide, including 100 participants from a range of Canadian industries such as technology, manufacturing, financial services, healthcare, and professional services.

AI adoption and workforce limitations

According to the survey, almost all (94%) of Canadian organisations are either already using or planning to use AI-enabled cybersecurity solutions, with threat detection and prevention being the primary focus. Cybersecurity professionals generally welcome AI, with 89% expecting it to enhance rather than replace their roles, providing efficiency and much-needed relief as the industry faces ongoing shortages.

Despite enthusiasm, a lack of specialist AI skillsets within teams is reported as a major obstacle. Nearly half (47%) of Canadian IT decision-makers cite insufficient staff expertise in AI as the biggest challenge to successful AI implementation. While 78% say AI is helping their IT and security teams become more effective, adoption alone has not been enough to reduce breach rates. Internationally, 76% of organisations that faced nine or more cyberattacks in 2024 had AI tools in place, underlining that expertise, not just technology, is critical.

"This year's survey further underscores the urgent need to invest in cybersecurity talent," said Carl Windsor, CISO at Fortinet. "Without closing the skills gap, organisations will continue to face rising breach rates and escalating costs. The findings highlight an inflection point for both public and private sectors: Without bold action to build and retain cybersecurity expertise, the risks and costs will only continue to grow for our society."

Breaches on the rise amid skill shortages

The survey finds breaches are becoming more frequent and severe. In 2024, 82% of Canadian organisations experienced at least one cyber breach, up slightly from 81% in 2023. More notably, the number of organisations reporting five or more breaches rose to 19% from 4% the previous year.

insufficient IT security skills and lack of cybersecurity awareness and training remain central factors. Some 51% of Canadians surveyed identified a lack of security skills and training as one of the leading causes of breaches in their organisations.

The financial consequences are significant, with 46% of Canadian organisations noting that cyber incidents cost them over USD $1 million in 2024, a figure comparable to the previous year.

Board-level focus and gaps in AI risk understanding

Cybersecurity is taking on greater importance in Canadian boardrooms, with 78% of boards increasing their attention to the issue in 2024. Near-universal consensus now exists regarding the importance of cybersecurity as a business (95%) and financial (94%) priority.

Despite this, fewer than half (41%) of Canadian respondents believe their boards fully understand the risks posed by AI. The report notes a strong link between board awareness of AI risks and whether an organisation already employs AI in its cybersecurity programme.

The value of certification and training

Canadian organisations continue to emphasise the value of certifications when hiring staff. 83% of IT decision-makers prefer candidates who hold cybersecurity certifications, citing these as valuable proof of knowledge, ability to keep pace with a rapidly evolving field, and familiarity with essential tools.

The willingness of organisations to invest financially in obtaining these certifications for employees has, however, diminished. In 2023, 87% were willing to fund certification processes, but this fell to 67% in the current report.

Addressing the cyber talent gap

As the skills gap persists, the report emphasises the need for a multi-pronged approach to strengthening Canada's cybersecurity workforce. Recommendations include awareness and education campaigns, improved access to targeted training and certification programmes, and adoption of advanced security technology.

The Fortinet Training Institute, cited in the report, is expanding training access and includes AI-focused modules covering both the basics of generative AI and specific curriculum on how cybercriminals use AI to enhance attacks. Fortinet reaffirms its pledge to train 1 million people in cybersecurity globally by the end of 2026 to help address these shortages.

The report makes clear that upskilling, certification, and ongoing education remain priorities for organisations looking to build business resilience against evolving cyber threats in an environment where technology outpaces talent acquisition.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Sage unveils Intacct AI automation upgrades for finance teams
CISOs see pay rise outpace budgets as market activity intensifies
Hexaware unveils AI insurance tools with Google Cloud backing
Machine learning model gives early warning on credit rating shifts
Supervity unveils AP AI Command Centre to automate finance tasks

Top stories

DoiT & Ingram Micro partner to deliver FinOps to AWS resellers
BDO Digital named finalist for 2025 Microsoft Americas award
Canadian SMBs lose growth due to tool overload & missed AI gains
Beyond Bloom: Why transformation, not creation, represents the peak of learning in the AI era
Kyndryl launches agentic AI services to reshape workplace roles