Dec. 18, 2025 –
Ramping up AI and quantum computing is high on Canada’s agenda—but so is digital and data sovereignty.
At Accelerated 2025, Canada’s national semiconductor symposium held in Vancouver late November, the role of semiconductors to bolster data sovereignty and security was front and center.
Debjani Mukherjee, CEO of Spica Systems, said security must be embedded at every level of connected systems, but that the silicon architecture creator holds primary authority. “Security has to be embedded right in the chip to the cloud—the application.”
Mukherjee said policies governing data access and control must be enforced directly within the hardware if the entire stack is to meet data sovereignty requirements.
Sovereignty does not mean that data has to stay in one country. Mukherjee said raw data collected at the edge may stay there to be processed, especially when there are data residency concerns. But that data could also travel to the cloud, which is when it could cross borders. She said a trust-driven approach is required based on verified processes, collaborative partnerships and standardized controls.
Mukherjee highlighted the need for organizations and countries to establish common standards for data sharing and protection, as well as distinguishing between sensitive and shareable data, negotiating relationships and protocols accordingly. “The way we move forward would be to have the right kind of certification.”
She suggested that pilot projects for specific industries like mining would provide a means to test and implement data sovereignty strategies.
Rob Putman, global manager for cybersecurity services at ABB Process Automation, said the path to data sovereignty is incremental and begins with pragmatic steps, such as properly categorizing and describing data elements and threat modeling, before moving to more complex issues like sovereignty. “What is the data? What are the sources of data? What is it used for? What impact do they have?”
He cites third-party suppliers as weak links in the data sovereignty chain. “We’re not validating who’s coming into our systems and environments.” Industries like mining are particularly susceptible to this threat, Putman said, pointing out that a significant percentage of data breaches are linked to third-party contractors.
Stuart Stein, founder and CEO of ConnSens Technologies, emphasized the importance of collaboration in data-sensitive environments. His company wants NDAs when working with partners. Those who will not sign one become a concern, he said.
Maintaining data sovereignty is about preventing its theft, so government regulation, policies, certifications and other partnership agreements must be backed up by robust security technology the ensures encryption and redundancy, Stein said. “Redundancy at all levels is essential for planning and for responding to data breaches.”