In an exclusive interview with CanadianSME Small Business Magazine, Dr. Shaun Ghafari, Dean of Engineering, and Francis Syms, Associate Dean of Information & Communications Technology at Humber Polytechnic, share their insights on the evolving landscape of cybersecurity and AI. As businesses navigate increasing cyber threats and AI-driven transformation, Humber Polytechnic is at the forefront of equipping students and SMEs with the skills, tools, and industry partnerships needed to stay competitive. From hands-on learning at the Digital Technology Hub to new AI governance programs, this conversation highlights the critical role education plays in securing Canada’s digital future.
Dr. Shaun Ghafari
Dr. Shahab (Shaun) Ghafari is the Dean of Engineering for the Faculty of Applied Sciences and Technology at Humber Polytechnic. He received his MASc. and Ph.D. degrees from the University of Waterloo, Department of Mechanical Engineering.
Dr. Ghafari has extensive industry machine design, combined with his career as a mechanical engineer and project manager, has played a leading role in the successful completion of more than 40 applied research projects with industry partners. His role as the Dean of Engineering at Humber Polytechnic oversees a comprehensive portfolio of honours degrees, advanced diplomas and diplomas that are preparing the next generation of engineering leaders.
In his previous role as the applied research coordinator and principal investigator, Dr. Ghafari supervised several industrial projects, providing students with remarkable opportunities for employment. He has received grants from a variety of provincial and federal funding agencies including NSERC, IRAP, FedDev and OCE.
Francis Syms
Francis Syms is a senior industry professional and educator in cybersecurity, artificial intelligence, and risk management. He invented a patented secure messaging platform and has spent years working in various roles at telecommunication, hardware development, and software development companies.
Francis joined Humber Polytechnic in 2016 as a part-time consultant and filled several academic roles before joining the Faculty of Applied Sciences & Technology in 2023 as the Associate Dean, Information & Communications Technology.
Francis has successfully led and launched many complex technology programs and products to market in volume and held senior positions at Research in Motion, Kobo Inc., and Rogers Communications to name a few. He has significant expertise in unified communications, cybersecurity, enterprise software, and consumer hardware and is a leader in enterprise & PMO transformation and change management.
Francis has a well-developed global perspective, working on various assignments in Latin America, Asia and Europe, and is the author of a leading Canadian focused textbook on cybersecurity used in post-secondary institutions across Canada. He often provides his expertise to mainstream news content and is a frequent technology expert commentator on CBC Radio. He is also a regular keynote speaker and panelist lending his expertise and insights in cybersecurity and artificial intelligence.
He earned a Bachelor of Engineering in Electrical Engineering at Dalhousie University, and a Master’s in Science in Wireless Communications at the University of Toronto.
As an expert in cybersecurity and AI, what do you believe are the most critical steps Canadian SMEs should take to protect themselves from increasingly sophisticated cyber-attacks?
Canadian SMEs must adopt a comprehensive approach to cybersecurity. Multi-factor authentication (MFA) is one of the most critical defenses, as compromised credentials account for a significant portion of breaches in Canada. Implementing MFA reduces the likelihood of unauthorized access and should be a cornerstone of every SME’s strategy.
In addition to MFA, SMEs must prioritize business continuity through a tested incident response plan. This ensures quick recovery and minimizes downtime in the event of a breach. Cybersecurity insurance is another essential safeguard, providing financial support and expert resources to mitigate impacts.
Employee training remains vital, as human error is a common factor in breaches. Educating staff on phishing, social engineering, and safe digital practices can reduce vulnerabilities. Finally, leveraging AI-powered tools for real-time threat detection and response can further enhance security and resilience against evolving cyber threats.
How can Canadian SMEs effectively leverage AI to improve their operational efficiency and competitiveness while managing associated risks?
AI offers SMEs powerful tools to optimize operations, enhance decision-making, and stay competitive. Predictive analytics can streamline inventory management, reduce waste, and forecast market trends, while AI-driven chatbots improve customer service by handling inquiries efficiently.
However, managing risks is crucial. SMEs should treat the data they collect as intellectual property (IP), ensuring it is stored securely and shared only in compliance with PIPEDA (Personal Information Protection and Electronic Documents Act). The “Bring Your Own AI” (BYOAI) trend also introduces risks, as employees may use unapproved AI tools that mishandle sensitive data. Clear policies, approved tools, and employee training can mitigate these challenges.
Governance and transparency in AI implementation are equally important. Regular audits, ethical practices, and selecting trusted vendors help minimize bias and ensure compliance with regulations. By integrating AI thoughtfully and responsibly, SMEs can boost efficiency, competitiveness, and resilience.
In your role at Humber Polytechnic, how are you addressing the skills gap in cybersecurity and AI to ensure graduates are well-prepared for industry needs?
At Humber Polytechnic, we tackle the skills gap by aligning our programs with industry demands and emphasizing hands-on learning. A notable initiative is our new AI Integration and Governance program, which prepares students for roles such as AI governance specialists and prompt engineers. This program emphasizes ethical AI deployment, data governance, and risk management.
We prioritize experiential education through co-op placements, capstone projects, and partnerships with industry leaders. Students gain practical experience at our Digital Technology Hub, where they work on real-world challenges. Our curriculum also includes cutting-edge topics such as quantum-safe cryptography and advanced threat detection, ensuring graduates stay ahead of industry trends.
By combining specialized programs with practical training and strong industry collaborations, Humber Polytechnic ensures students are job-ready and equipped to lead in cybersecurity and AI fields.
Can you share a specific example of how the Digital Technology Hub has helped a Canadian SME improve its security posture or implement AI solutions?
At Humber Polytechnic’s Digital Technology Hub, we’ve conducted numerous free cybersecurity assessments for Canadian SMEs. These assessments, completed by experts and students, identify critical vulnerabilities and provide actionable recommendations.
In one instance, we worked with a small engineering firm to address gaps in their incident response and data recovery strategies. Our team recommended implementing multi-factor authentication (MFA), improving endpoint security, and adopting a formal business continuity plan. These changes significantly enhanced their ability to prevent and recover from cyber incidents.
Another SME in the logistics sector benefited from a review of their IT and operational technology (OT) systems. We introduced network segmentation and Zero Trust principles, reducing risks while improving efficiency. These examples demonstrate how the Digital Technology Hub supports SMEs in strengthening their security posture and operational resilience.
Looking ahead, what emerging trends in cybersecurity and AI do you foresee having the most significant impact on Canadian SMEs in the next 5-10 years?
Several emerging trends will shape the future for Canadian SMEs. Quantum computing is a major concern, as it could render traditional encryption methods obsolete. SMEs must transition to quantum-resistant encryption, and the industry is actively developing tools to support this shift.
AI-driven threat detection and response will become essential, enabling SMEs to identify and mitigate cyber risks in real time. However, misuse of AI, such as deepfake fraud and AI-generated phishing attacks, will require vigilance and robust countermeasures.
The convergence of IT and operational technology (OT) will also introduce new vulnerabilities, particularly in sectors like manufacturing and logistics. Adopting Zero Trust Architecture and segmenting networks will be key to managing these risks.
Finally, stricter global data privacy regulations will demand greater compliance and transparency. SMEs will need to prioritize data governance and ensure AI applications adhere to ethical and legal standards. By staying proactive and leveraging industry innovations, SMEs can secure their operations and position themselves for growth in a rapidly evolving digital landscape.
