TelcoNews Canada - Telecommunications news for ICT decision-makers
Canada
Canada second globally for ransomware, Fortinet says
Malware Ransomware SOCs

Canada second globally for ransomware, Fortinet says

Mon, 11th May 2026 (Yesterday)
Joseph Gabriel Lagonsin
JOSEPH GABRIEL LAGONSIN News Editor

Fortinet reported that Canada ranked second globally for ransomware attacks last year, with 374 organisations extorted.

The findings, from Fortinet's 2026 Global Threat Landscape Report and 2026 Cybersecurity Skills Gap Report, also show total cyberattacks against Canadians rose to 17 billion in 2025 from 13.7 billion in 2024.

Canadian organisations are also reporting a high rate of breaches. The data shows 82% experienced at least one breach in the past year, and 19% of those incidents cost between USD $1 million and USD $2 million.

Pressure on businesses is increasing as attackers use artificial intelligence to speed up their operations. Fortinet's threat intelligence unit found that time-to-exploit for critical outbreaks is now two to four times faster, with AI used for reconnaissance, weaponisation, and execution.

The reports also point to a workforce problem inside many companies. Among Canadian IT leaders surveyed, 47% said a lack of cybersecurity skills was a leading cause of security breaches.

Demand appears strongest at the senior end of the market. The research found that 53% of Canadian respondents most needed senior-level cybersecurity skills, while 40% struggled to secure approval for additional cybersecurity hires.

AI is adding another layer of difficulty to recruitment. Threat actors are using artificial intelligence to make attacks more efficient, contributing to a 25.49% increase in global exploitation attempts, while 49% of Canadian organisations said they struggle to recruit cybersecurity staff with specific AI experience.

Skills pressure

The figures suggest boards and management teams face a dual challenge: handling a larger volume of cyber threats while trying to fill specialist roles in a tight labour market. For some companies, cybersecurity has become more than a technical function; it is now a broader business risk with direct financial consequences.

Many Canadian organisations are responding by increasing their use of AI in security operations. The research shows 91% of Canadian respondents are either using or experimenting with AI-based cybersecurity tools.

Most organisations already using these systems reported practical benefits. Fortinet found that 85% of respondents said AI-enhanced security tools are helping IT and security teams work more effectively and efficiently.

Businesses are also placing more emphasis on training rather than relying only on external hiring. The reports show 49% of organisations are likely to invest in AI-related cybersecurity training or certifications over the next 12 months.

Internal retraining is playing a prominent role. The research found that 58% of organisations are developing internal training or reskilling programmes to support AI adoption, while 49% are buying training or reskilling services from industry vendors.

AI and attacks

Fortinet's threat analysis points to a change in the methods used by criminal groups, not simply an increase in the number of attacks. By using AI tools, attackers can automate parts of the process that once took more time and manpower, shortening the window for defenders to identify and contain a breach.

Derek Manky, Chief Security Strategist and Global VP of Threat Intelligence at Fortinet FortiGuard Labs, described the trend as a broader shift in how cybercrime is being organised.

"Cybercrime is one of the world's most pervasive and costly threats, and our latest Global Threat Landscape Report reveals how malicious actors are beginning to leverage agentic AI to execute more sophisticated attacks," said Manky.

He said defenders would need to match the pace of those changes.

"As cybercriminals increasingly use AI to bolster their tactics, cyber defenders must evolve cybersecurity operations into an industrialized defense and adopt AI-enabled tools that respond at the same velocity as modern threats," he said.

Fortinet's skills report also suggests that awareness at board level has improved, but spending and staffing decisions have not always kept pace with the scale of the threat. That gap is particularly visible in areas linked to AI, where companies need both technical expertise and operational policies.

Carl Windsor, Chief Information Security Officer at Fortinet, said the issue should be viewed in a wider corporate context.

"Cybersecurity is not simply a technical issue but a strategic business risk. This year's Cybersecurity Skills Gap Report suggests that while boards generally recognize the importance of cybersecurity, more investment is needed to address key issues, such as emerging AI risks and the ongoing cybersecurity skills shortage," said Windsor.

"Addressing these issues is critical to business resilience in an increasingly complex threat landscape," he added.

Related stories
AI to transform business risk, trust & compliance by 2026
Vodafone & Google Cloud launch AI & security tools
Elastic ties security platform to Google's air-gapped cloud
World Backup Day 2026: In the age of AI, what are you really backing up?
NETSCOUT boosts telco AI with Omnis smart data tools
Top stories
Red Hat & Panasonic preload edge software on TOUGHBOOK
IPNetwork Monitor adds AI control to on-premise tools
Feds & TELUS partner on sovereign AI data centre plan
Matter & OpenADR link up for home energy management
Uber Canada joins Ontario emergency response network