Defending Canada in cyberspace: UNB’s national leadership in cybersecurity research and training
Author: Tim Jaques
Posted on May 5, 2026
Category: UNB Fredericton
As cyber operations become a core instrument of national power, the University of New Brunswick’s Canadian Institute for Cybersecurity—home to the federally funded Cyber Attribution Data Centre—is advancing research, training and intelligence capabilities critical to Canada’s defence.
The advanced technology of modern warfare isn’t just found in tanks, ships, jets and drones.
Wars will also be fought through lines of code, quiet intrusions into power grids and the erosion of trust through online disinformation that few may understand until it is too late.
Dr. Ali Ghorbani, a professor of computer science, Tier 1 Canada Research Chair in Cybersecurity and the director of the Canadian Institute for Cybersecurity (CIC) at the University of New Brunswick, sees cyber operations—the employment of digital capabilities to achieve specific objectives in or through cyberspace—as crucial to modern national defence.
“Battles are not only won by firing bullets. Cyber operations and cybersecurity can also win them. Cyber operations and cybersecurity can now project national power,” he said.
Cyber warfare—not just cyber crime
The cyber threats to Canada that Dr. Ghorbani sees go beyond financial fraud, extortion or stolen passwords. State-backed cyber operations have become routine tools for espionage, influence and disruption.
Cybersecurity and cyber operations now stand alongside intelligence gathering, command-and-control and logistics in modern military planning. It isn’t just purely military structures that are affected: Digital systems also run civilian life, including power grids, ports, municipal services and industry supply chains.
“You modernize to help your operations run better,” he said. “But with advancement can come trouble.”
That includes the risk that adversaries could blind surveillance systems, disrupt communications or sit unnoticed inside networks for months gathering data. They could shut down critical services.
Knowing the adversary
Dr. Ghorbani argues that defence starts with understanding who is attacking, how and why. Unless defenders understand opponents, solutions will fail, he said.
That gap led to the creation of UNB’s Cyber Attribution Data Centre (CADC), housed within the CIC. The federal government funded the establishment of the CADC with up to $10 million over five years.
In May, the CADC will celebrate a year of rapid growth, technical achievement and collective dedication with an event that will highlight its specialized research equipment and sophisticated operational processes, as well as its skilled multidisciplinary team spanning data science, cybersecurity, digital forensics, networking, policy and operations.
Dr. Ghorbani believes the CADC’s work is crucial.
“Unless you know your adversary fully and every detail of them, you won’t be able to build a solution that is going to work,” he said.
“It’s like playing a sport: You study everything about the team you are going to play against.”
The CADC collects and analyzes data from real cyber incidents. Researchers reverse-engineer known attacks, examine behaviour in controlled environments, trace origins and build profiles of tactics and techniques.
That intelligence is then tiered, from sensitive material shared with security agencies to anonymized datasets made available to industry and researchers.
“We are collecting intelligence, data and profiles of incidents that have happened so that we can learn from them,” Dr. Ghorbani said.
The CADC is the first of its kind in Canada in the academic and public domains. It builds on the institute’s long-standing work producing benchmark datasets used by cybersecurity researchers worldwide.
Vulnerabilities closer to home
Dr. Ghorbani warns that Canada’s weak points are often closer to home.
Critical infrastructure runs on intertwined digital systems that create cascading risk. A vulnerability in one node can ripple outward through municipal networks, utilities and other systems.
"There is still a concern that our critical systems are vulnerable,” he said.
That concern includes operational technology—the control systems that manage infrastructure such as power plants, water treatment facilities and transportation. These systems are hard to replace, and most were never designed for constant internet connectivity.
Another concern is incident reporting. Many attacks are never fully disclosed by the victims, leaving those who devise defence strategies blind to patterns and emerging threats.
Then there are municipalities and small- to medium-sized enterprises (SMEs).
“SMEs and municipalities are our weak points,” Dr. Ghorbani said. “Large organizations have capacity. Municipalities usually don’t, particularly the small ones.”
Attacks on municipalities can cause real harm that often goes unmeasured, from halted services to lost productivity. Dr. Ghorbani believes shared regional cyber services could help cut costs and reduce risk.
“Going solo in cybersecurity never works,” he said.
Training for the new fight
Education sits at the centre of Dr. Ghorbani’s vision. Threats evolve too fast for static training models.
“Cybersecurity training cannot be idle and stay unchanged,” he said. “We have to move with the threat.”
He points to several areas where Canada’s workforce is thin. Operational technology security tops the list, followed by threat hunting and cyber attribution. Incident response capacity also lags demand.
Newer threat areas are expanding fast. Internet-connected devices now run ports, factories and supply chains. Smart grids, digital infrastructure and autonomous vehicles are at risk.
Post-quantum computing will threaten existing encryption systems once practical quantum computers become available, as large-scale quantum computers will be able to crack public-key cryptosystems currently protecting internet traffic and sensitive data.
“Post-quantum security and privacy is one of the major areas of our work here,” Dr. Ghorbani said, noting CIC’s work with financial institutions to prepare for that shift.
Human-focused threats matter too, including disinformation, misinformation and social engineering. These attacks target trust and behaviour rather than machines.
“We call it human-centric cybersecurity—something that humans are involved in or human elements are being affected,” he said.
“This is a social problem but can also end up causing economic and other problems.”
Ghorbani noted that, in this respect, it isn’t a technical computer science challenge: social science disciplines can help find a solution.
Ambition and scale
The CIC launched in 2017 as Canada’s first cybersecurity institute. Its research, training programs and international reputation grew quickly.
“We are very happy with what we are doing,” he said. “But it would be a disservice to the country if we don’t scale up.”
He would like to see CIC double its current size within three years to match the pace of real-world threats and support Canada’s defence planning, industry needs and training demand.
“If we don’t stay the course, we’re going to lose this competition very quickly,” he said.
Growth requires steady investment and recognition that cybersecurity is both a security obligation and an economic opportunity, particularly for New Brunswick.
That means backing organizations that can turn research into usable tools, trained people and export-ready solutions. It also means recognizing early success and pushing it further instead of stopping short.
“Cybersecurity is an industry,” Ghorbani said. “Let’s treat it as industry.”
Photo 1: The Canadian Institute for Cybersecurity at UNB.
Photo 2: Dr. Ali Ghorbani, professor of computer science, Tier 1 Canada Research Chair in Cybersecurity and the director of the Canadian Institute for Cybersecurity at UNB.