Canadian Advanced Manufacturing Builds World-Class IP. Then Gives it Away.

Also published in the   

The Case for a Layered Defence of Canada’s Innovation Economy

More than 45% of Canadian inventions are ultimately owned by foreign firms, highlighting a long-standing gap between innovation creation and innovation retention in Canada. Canada has already lived through the consequences of that gap. Nortel Networks, once one of the country’s most valuable companies and a global telecommunications leader, suffered years of cyber intrusions tied to the theft of sensitive business plans, research, and intellectual property before ultimately collapsing into bankruptcy. The cost was not simply a breach. It was the erosion of a Canadian innovation advantage.

Canada is entering a phase where its most valuable assets are no longer physical. They are proprietary designs, algorithms, manufacturing processes, and models – the intangible edge that separates world-class companies from those that simply manufacture on another’s terms. The legal tools to protect that edge are well-established: patents, trademarks, industrial designs, and trade secret protections. Yet too few Canadian businesses deploy them with the strategic intentionality their competitors do. This is not only a corporate governance failure. It reflects an innovation ecosystem that has long funded the creation of IP without requiring its protection.

And even those that do deploy these legal tools are discovering that though essential, they are no longer sufficient. IP can now be extracted digitally – before a patent is filed, after an NDA is signed, through a supplier’s compromised system or an executive’s breached credentials. Legal rights establish what you own. Cybersecurity determines whether you can keep it. Neither works without the other, and neither comes first – they must be built together, from the moment an innovation is worth protecting. That is the coordination gap Canadian companies need to close.

In advanced manufacturing and across IP-intensive sectors, a significant shift is underway. Companies are increasingly choosing not to patent critical innovations – often because their advantage lies not in a discrete invention but in accumulated operational know-how that cannot be claimed in a patent without revealing more than it protects. So, they rely on trade secrets instead. But trade secrets are only as strong as the systems and controls protecting them. That dependency sits at the intersection of IP law and cybersecurity, and it is where Canadian companies are most exposed.

“In advanced manufacturing, cybersecurity measures are just as important as a solid IP framework—while traditional IP protection such as patents, trademarks, and industrial designs play a critical role, much of the real value lies in digital know-how, processes, and proprietary assets that must be secured against unauthorized access and theft. Threat actors are increasingly stealing proprietary information as leverage to extract a ransom. Leaders should view cybersecurity and IP as complementary pillars, working together to protect competitive advantage in an increasingly digital, borderless environment,” said Jennifer Ponton, Partner, IP Lawyer and Trademark Agent at Borden Ladner Gervais LLP, and Eric Charleston, Partner and National Co Leader, Cybersecurity and Privacy at the firm.

The Threat Is Strategic, Not Incidental

IP theft is strategic and systematic. The Canadian Centre for Cyber Security’s intelligence assessments have pointed to state-sponsored actors, most prominently those linked to China, targeting advanced research, defence capabilities, and high-value industrial sectors. The objective is not disruption or ransom. It is extraction of innovation to accelerate competing capabilities elsewhere.

Competition is no longer just about who can innovate. It is about who can retain their innovation.

AI is amplifying this challenge in ways that are still being underestimated. Attackers are now able to automate reconnaissance, generate highly convincing communications, identify vulnerabilities across both IT and industrial systems, and rapidly analyze stolen data to isolate its highest value components. This reduces both the cost and time required to execute sophisticated attacks. In April 2026, Anthropic restricted its most capable AI model, Mythos, to a small group of vetted companies rather than release it publicly, citing its ability to identify and exploit software vulnerabilities across major operating systems at unprecedented scale. Researchers subsequently showed that similar results were achievable using older, publicly available models in coordination – meaning, this capability is already broadly accessible.

For advanced manufacturers, this means production methods, tolerances, robotics logic, supplier relationships, and proprietary operational data can increasingly be mapped, analyzed, and extracted at machine speed. Increasingly, the consequence of weak protection is not only theft. It is exclusion from defence, critical infrastructure, and enterprise supply chains where cyber maturity is becoming a condition of participation.

The sectors driving Canada’s economic future are also the most vulnerable. PwC’s 2022 survey of Canadian critical infrastructure companies found that 54% of Canadian organizations experienced an operational technology cybersecurity incident in the last three years. Advanced manufacturing sits at the centre of this exposure. These environments rely heavily on operational technology systems that were never designed for today’s threat landscape, and where a breach can move from corporate IT to the factory floor without triggering an alert. Defence supply chains are now evaluated on cybersecurity maturity as a condition of contract. And the proprietary process data that defines a manufacturer’s edge – tolerances, formulations, production sequences – can be exfiltrated and replicated with relative ease once exposed.

The Invisible Cost of IP Loss

One of the most challenging aspects of IP theft is that it is rarely measured accurately. IBM’s 2025 Cost of a Data Breach Report places the average cost of a breach at CA$6.98 million. Most reporting focuses on direct and visible impacts such as downtime, remediation, and cybersecurity spending. The true cost however is embedded in what never materializes: deals that are lost because a competitor has replicated a capability, valuations that decline because IP is no longer defensible, opportunities that disappear because organizations cannot demonstrate that their innovations are secure.

The Nortel case remains one of Canada’s clearest warnings about the long-term consequences of IP extraction through cyber compromise. Former security officials who investigated the breach argued that years of unauthorized access to sensitive business plans and core IP provided competitors with a strategic advantage at a critical moment in global telecommunications competition. The broader lesson still applies today: the loss of IP rarely appears immediately on a balance sheet, but its economic impact can unfold over years through lost market share, weakened competitiveness, and diminished enterprise value.

The Strategic Shift for Canadian Business

Cybersecurity is not simply a defensive investment. It determines market access, market share, and ultimately enterprise value. The question is no longer who can innovate the fastest. It is who can protect what they innovate. For Canadian businesses, the implication is direct – build a layered IP and cyber protection strategy and treat it as a core business priority. That requires three things working together.

1. Secure the foundation before you build on it. Register what can and needs to be registered – patents, trademarks, industrial designs – before entering partnerships, licensing negotiations, or procurement processes where your innovations become visible. Legal protection is the title deed to your competitive advantage. Cybersecurity is the lock on the door. You need both to effectively enforce and protect your assets.
2. Treat trade secrets as infrastructure. If your advantage lives in operational know-how or proprietary processes, protect it with the same rigour as a registered right: documented confidentiality protocols, access controls, NDAs with real teeth, and cybersecurity measures designed around what matters most. Those designing your security systems should know which assets are worth the most to a competitor.
3. Elevate IP protection as a governance issue. The companies most at risk are those who delegate IP strategy to legal and cybersecurity to IT, with neither talking to each other nor contributing to strategy at the executive table. That gap is exactly where loss occurs.

The responsibility does not rest with business alone. Canada’s innovation funding programs – from NRC-IRAP to the Strategic Innovation Fund – must increasingly condition support on demonstrated IP protection and cybersecurity strategies, ensuring that public investment in Canadian innovation does not continue to subsidize IP that is ultimately captured and commercialized elsewhere.

In a global economy increasingly defined by digital trust, the companies that succeed will not simply be those that build the best ideas. They will be the ones that can keep them.

Michael is General Counsel at Intellectual Property Ontario and can be reached here. Francois Guay is the Founder and CEO of the Canadian Cybersecurity Network and can be reached here.