Cybersecurity as core infrastructure: Heather Black on modernizing Canada’s defence strategy
‘Seeing how technology can positively impact the work of defence, public safety and government teams is incredibly rewarding,’ says Heather Black. / SUBMITTED PHOTO
As cyber threats grow increasingly sophisticated — from ransomware to AI-enabled attacks — the organizations that underpin Canadian public life face mounting pressure to modernize their defences. For Heather Black, Regional Vice President of Canadian Public Sector at Palo Alto Networks, navigating that challenge is a daily reality.
Based in Ottawa, she oversees the company's public sector go-to-market strategy and works directly with federal, provincial and municipal governments, as well as defence and public safety partners. "My role focuses on helping customers understand the evolving cyber threat landscape and identifying ways to strengthen their security posture as they pursue digital transformation," she said.
Palo Alto Networks, which positions itself as a global cybersecurity leader, differentiates itself through what Black describes as a platform-based approach — one that integrates network security, cloud security and security operations into a unified ecosystem. "That helps customers reduce tool sprawl, respond faster, and move toward a more proactive security posture rather than relying on fragmented solutions," she told Means & Ways, adding that longstanding partnerships with Five Eyes nations and NATO allies bolster the company's credibility in an increasingly volatile global security environment.
For Black, the work is as much about mission as it is about technology. "There's a strong sense of purpose in this space," she said. "Seeing how technology can positively impact the work of defence, public safety and government teams is incredibly rewarding."
What is the biggest challenge facing the economy right now? What is one practical solution to address it?
One of the biggest challenges is balancing innovation with risk. Governments and organizations are under pressure to digitize quickly while managing budget constraints and an increasingly complex threat environment. A practical solution is adopting a platform approach to cybersecurity that reduces complexity, improves visibility, and allows organizations to do more with fewer resources. By consolidating tools and leveraging both automation and AI, public sector organizations can increase resilience while controlling costs.
“The sector needs people who care about making a difference and who are willing to stay curious, even when they don’t have all the answers. ”
There’s been a big focus from the government on a Defence Industrial Strategy. Where does cybersecurity fit into this framework?
Cybersecurity is foundational to any modern defence capability. Secure data, resilient infrastructure and trusted supply chains are essential for operational readiness and collaboration with allies. Technology plays a critical role in ensuring the right information reaches the right people at the right time, which is something that can directly impact mission success and safety. Within a Defence Industrial Strategy, cybersecurity should be treated as core infrastructure rather than an add-on. That means embedding security into procurement, investing in cyber workforce development and strengthening partnerships between industry, government and academia.
The government has yet to unveil its AI strategy. What would you like to see in it?
AI in general and generative AI in particular are reshaping the risk landscape and creating both opportunity and exposure. I would like to see a strategy that balances innovation with guardrails, and clear guidance on responsible AI use, investment in secure AI infrastructure, and stronger information sharing between government and industry on AI-enabled threats. It should also prioritize skills development so Canada can build and retain cyber and AI talent.
What is keeping you at night?
The rapid pace of change in the threat landscape is always top of mind, particularly how adversaries are leveraging automation and AI to scale attacks. The potential gap between how quickly threats evolve and how quickly organizations can adapt keeps me thinking. That’s why collaboration across governments, allies and industry is more important than ever.
What advice would you give to young women looking to enter this sector?
Be passionate and jump in. The sector needs people who care about making a difference and who are willing to stay curious, even when they don’t have all the answers. Confidence, resilience and strong support networks are key. I like to say, get comfortable with being uncomfortable, the pace of change is real! I would also encourage young women to seek mentors, take opportunities even when they don’t feel fully ready, and remember that diverse perspectives make cybersecurity stronger. The industry is evolving quickly, and there has never been a better time to be part of it.
