Canada, under the leadership of the Communications Security Establishment Canada (CSE) and Public Safety Canada, hosted the G7 Cybersecurity Working Group (Working Group) from May 12 to 13, 2025, in Ottawa, to discuss shared issues on cyber security and emerging technology.
The Working Group was established in 2024 under Italy’s G7 leadership and is composed of the principals in national cyber security agencies or roles across the G7. The Working Group acts as a cyber security community of practice for the G7, and is built on shared values, shared interests and a shared vision for the future of cyberspace.
The speed, scale and intensity of current challenges in cyberspace are unparalleled, and coordinated efforts among G7 like-minded nations are needed to meet these challenges, namely through the following objectives:
- Enhancing cooperation on cyber security, through the exchange of views and information, sharing threat analysis and advancing strategies to address current and emerging challenges, including security for AI and AI for cyber security
- Promoting dialogue on guidelines, standards and approaches that contribute to shaping the best practices for cyber security nationally and internationally
- Fostering long-term resilience for new and emerging technologies that have an impact on cyber security such as quantum computing
During the in-person Working Group meeting in Ottawa, representatives met to discuss a series of workstreams on which the group has agreed to collaborate during Canada’s 2025 G7 presidency. This included:
- Reflecting the shared vision of the group through the preparation and group endorsement of a “Food for Thought” paper on a Software Bill of Materials for Artificial Intelligence (SBOM for AI). The paper reflects a mutual recognition of the fast-paced nature of this space and the need to consider similar initiatives underway in other fora to avoid duplication.
- Agreeing to advance an initiative to address the cyber security of Internet of Things (IoT) products, taking into account both the technical and non-technical nature of cyber threats. The working group has since released a statement on IoT security (PDF, 140 KB), hosted on Japan’s National Cybersecurity Office website.
- Renewing a commitment to advocate for a well-planned transition to Post-Quantum Cryptography and to further explore joint technical cyber advisories to leverage the Working Group’s collective voices on cyber security matters.
- Agreeing to exchange ideas and lessons learned from policy levers for incentivising cyber security.
- Discussing the need to protect our respective critical infrastructure and improve the collective cyber resilience of essential services and systems. This work is vital to serving citizens, maintaining economic stability and national security. Through these discussions on safeguarding critical infrastructure, the Working Group seeks to mitigate risks, minimize disruptions, and enhance our ability to respond to and recover from cyber threats.
- Sharing ideas and best practices to build up the cyber security skill set, foster public-private partnerships, and continue to promote secure-by-design principles in various engagements. Developing these skills and engaging in collaboration are crucial to respond effectively to evolving threats, ensuring resilience, and fostering innovation. Further, adopting secure-by-design practices will reduce the attack surface and enhance overall cyber resilience.
The Working Group plans to continue these efforts throughout the rest of the Canadian G7 presidency in 2025, including having a second meeting in fall 2025 to review progress and finalize the work prior to transitioning the presidency of the Working Group to France for 2026.
Sami Khoury, Principal and Co-Chair
G7 Cybersecurity Working Group
Communications Security Establishment Canada
Colin MacSween, Co-Chair
G7 Cybersecurity Working Group
Public Safety Canada