Build cyber resilience for mission-driven organizations (at no cost)
Over the next two years, CyberAIDE will provide free, cohort-based, practical cybersecurity capacity building specifically designed for not-for-profit organizations and small to medium-sized municipalities in Quebec, Ontario, Yukon, Alberta, and British Columbia. Participants receive training, toolkits, and webinars grounded in Canadian case studies, built for your reality, your capacity, and your needs.
CyberAIDE recognizes that cybersecurity is not about technology for its own sake, it’s about protecting your ability to serve your community and fulfill your mission. Whether you’re delivering frontline services, supporting vulnerable populations, managing community programs, or governing on behalf of residents, cyber threats can disrupt the essential work you do. Strong cybersecurity practices enable you to serve your beneficiaries and residents more effectively, safely, and sustainably.
CyberAIDE also addresses the rapidly evolving AI landscape. As artificial intelligence becomes embedded in everyday software tools (often without explicit organizational choice) new cybersecurity risks emerge. From AI-powered phishing attacks to data exposure through generative AI tools, organizations need to understand both the threats AI enables and the risks AI adoption creates.
Why your organization can’t afford to wait
Cybersecurity incidents aren’t just IT problems, they’re existential threats to small organizations. Cyberattacks don’t discriminate by budget size. In 2023, 59% of Canadian nonprofits reported fraud or phishing attacks, and 27% said these incidents prevented access to essential resources. Small and medium-sized organizations face the same threats as large enterprises but rarely have dedicated IT security teams or the resources to respond effectively
The risks are real
- Financial impact: Recovery costs from cyber incidents doubled between 2021 and 2023, with the average ransom paid in Canada reaching $1.13 million CAD
- Operational disruption: Ransomware attacks can lock you out of donor databases, financial systems, and service delivery platforms for weeks
- Reputational damage: A data breach destroys the trust you’ve spent years building with funders, partners, and the communities you serve
- Legal consequences: Non-compliance with PIPEDA, Quebec’s Law 25, or provincial privacy laws can result in fines up to $10 million
The capacity gap
Only 14% of small nonprofits provide cybersecurity training to staff, and 47% of Canadian small businesses allocate zero budget to cybersecurity. You’re not alone in feeling underprepared – but you don’t have to stay that way.
Most cybersecurity guidance is designed for organizations with hundreds of employees and dedicated IT departments. Standards like the NIST Cybersecurity Framework or even “small business” frameworks assume resources that front-line service organizations simply don’t have.
What makes CyberAIDE different
CyberAIDE isn’t a one-size-fits-all webinar series. It’s a comprehensive capacity-building program designed specifically for organizations like yours.
- Practical, and usable: Every training module, toolkit, and case study is rooted in real Canadian scenarios. You’ll learn from organizations that faced the same constraints you do and discover what actually works when you’re managing cybersecurity with limited staff, tight budgets, and competing priorities.
- Plain language, real implementation: CyberAIDE training is delivered in plain language for staff, members, and volunteers of varying technical abilities. Whether you’re an Executive Director with no IT background or a part-time administrator wearing multiple hats, you’ll walk away with actionable steps you can implement immediately.
- Capacity-appropriate support: Drawing on Open North’s experience supporting municipalities through the Community Solutions Network and digital transformation through DATAide, CyberAIDE is designed for simple implementation regardless of your organization’s size, capacity, or resources.
Comprehensive coverage
CyberAIDE addresses the full spectrum of cybersecurity needs:
- Foundational security: Password management, multi-factor authentication, secure remote work policies
- Data protection: Backup strategies, encryption, access controls, and PIPEDA compliance
- Threat awareness: Recognizing phishing, social engineering, and ransomware attacks
- Incident response: Creating breach response plans and crisis communication protocols
- Privacy compliance: Understanding PIPEDA, Quebec’s Law 25, Ontario’s Bill 194, PIPA, and emerging AI governance requirements
- Vendor management: Evaluating third-party security and understanding SOC 2 reports
What you’ll receive
Live training sessions
Interactive cohort-based training where you’ll learn alongside peers facing similar challenges. Ask questions, share experiences, and build a network of support.
Ready-to-use toolkits
Downloadable resources you can implement immediately:
- Cybersecurity self-assessment checklist
- Breach response plan template
- Staff training materials
- Vendor security evaluation framework
- Privacy compliance audit guide
On-demand webinars
Access recorded sessions covering specialized topics, from baseline cyber security controls to AI governance frameworks. Watch on your schedule, revisit as needed.
Canadian case studies
Learn from real examples of Canadian nonprofits and municipalities that strengthened their cybersecurity posture, including what worked, what didn’t, and how they overcame resource constraints.
Expert support
Direct access to Open North’s cybersecurity specialists who understand the unique operating environment of small organizations.
Who should apply
CyberAIDE is designed for:
Not-for-profit organizations
- Charities and registered nonprofits
- Community service organizations
- Advocacy groups
- Social enterprises
- Foundations and grant-making organizations
Small to medium-sized municipalities
- Towns and villages
- Regional districts
- Indigenous governments
- Municipal service providers
Geographic eligibility
Organizations and municipalities located in:
- Quebec
- Ontario
- Yukon
- Alberta
- British Columbia
Organizational readiness
You don’t need existing cybersecurity expertise to participate. CyberAIDE is designed for organizations at any stage of their cybersecurity journey, whether you’re just starting to think about data protection or looking to strengthen existing practices.
Frequently asked questions
Is there really no cost to participate? Yes. CyberAIDE is completely free for eligible organizations. There are no hidden fees, no required purchases, and no strings attached.
How much time will this require? Training sessions are designed to respect your limited capacity. Expect 2-3 hours per month for live sessions, plus optional self-paced learning. All materials are designed for quick implementation.
We don’t have an IT person. Can we still participate? Absolutely. CyberAIDE is specifically designed for organizations without dedicated IT staff. Training is delivered in plain language and focuses on practical steps anyone can take.
When do cohorts start? We’re currently accepting applications for upcoming cohorts. Once you apply, we’ll contact you with anticipated start dates and scheduling options.
What happens after we complete the training? You’ll have ongoing access to all toolkits, recorded webinars, and resources. You’ll also join a network of organizations committed to cybersecurity resilience.
We’re in a different province. Can we still participate? Currently, CyberAIDE serves organizations in Quebec, Ontario, Yukon, Alberta, and British Columbia. If you’re located elsewhere, we encourage you to download our free guide and explore Open North’s other cybersecurity services.
Sign up for updates
Get started with our free cybersecurity guide
Essential Cybersecurity for Small Organizations: What You Need to Know
This 17-page guide provides:
- Introduction to the CIA triad (Confidentiality, Integrity, Availability)
- Overview of Canadian cybersecurity legislation and compliance requirements
- Self-assessment checklist to evaluate your current security posture
- Preparatory documents for cybersecurity audits
- Guidance on third-party vendor assurance
- Practical first steps for protecting your organization
About Open North
Open North is a national nonprofit working at the intersection of technology, data, and civic engagement. We help governments and civic-minded organizations build capacity to manage data effectively, ensuring it’s useful, actionable, secure, and trustworthy throughout its lifecycle.
Our cybersecurity services includes:
- Risk assessments to identify gaps and deficiencies
- Cybersecurity plan development aligned with organizational needs
- Implementation support for policies, tools, audits, and staff training
Canada’s future runs on cybersecurity — and we’re proud to be part of it. As a company listed on BuyCanadianCyber.ca, we’re committed to supporting Canadian innovation, resilience, and security.