Insights

On March 12, 2025, the Government of Canada announced plans to launch the Canadian Program for Cyber Security Certification (CPCSC). CPCSC is a cybersecurity compliance verification program that aims to protect sensitive unclassified government information handled by Canadian government contractors and subcontractors within Canada’s defense sector. Canada will roll out CPCSC to contractors in four phases, with the first phase launching this month.

As digitalization has become more ubiquitous and attacks surfaces widened, the number of cyberattacks have correspondingly increased. In 2024, ransomware attacks in particular grew in their frequency and impact. In an effort to enact more stringent policy approaches, governments introduced over 170 data protection laws between 2023 and 2024. With not a single company immune from these regulatory winds, industry must keep a close watch.

Significant shifts in U.S. technology policy are taking shape at the start of the new administration. This is especially true in the field of artificial intelligence (AI), where President Trump revoked President Biden’s Executive Order 14110, titled “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence,” as part of his flurry of Day One executive actions. The administration is now moving quickly to put its own stamp on this area in an effort to strengthen U.S. AI leadership and competitiveness and outpace other nations, particularly the People’s Republic of China.

The Asia-Pacific (APAC) region witnessed a rapid digital transformation in 2024, powered by its connectivity and technological innovations. However, these advancements have introduced new vulnerabilities into the region’s digital ecosystem, which more sophisticated and nuanced cyber threats are already exploiting. In Q2 2024 alone, the APAC region experienced an average of 2,510 weekly cyberattacks per organization, marking a 23 percent increase compared to the same period in 2023.