Latest news with #IRAP
Yahoo
15-05-2025
- Business
- Yahoo
Opinion: Ottawa needs a new industrial innovation policy
By John Lester Too many Canadian innovators sell their intellectual property to foreigners rather than commercialize their inventions in this country. That's bad for Canadian productivity. Ottawa should: move some of its support for R&D over to commercialization and scale-up, improve access to risk capital for small and medium-sized enterprises (SMEs) that innovate, and reduce taxes on successful innovation. Support for R&D performed by SMEs is currently too generous. Federal and provincial tax credits reduce firms' cost of performing R&D almost 40 per cent. And about 3,000 of the 17,000 firms claiming tax credits also get financial support from the federal government's Industrial Research Assistance Program (IRAP). That double dip raises their average subsidy rate to a staggering 65 per cent. The fiscal cost of IRAP is approximately $400 million — on top of about $2.1 billion for the Scientific Research and Experimental Development (SR&ED) program for SMEs. R&D creates knowledge that has effects extending beyond the firm performing it, so a well-designed R&D subsidy program could make Canadians richer. But, as I show in a recent paper, topping up federal and provincial tax credits with IRAP subsidies actually makes Canadians poorer. The high subsidy rates reduce the hurdle rate for investment, which encourages entrepreneurs to undertake some projects that have very low commercial value — which means IRAP support fails a benefit-cost test. Even worse, IRAP's business model results in administrative expenses that are about 15 per cent of the financial assistance provided to firms. The corresponding figure for SR&ED is about 3 percent. The social costs arising from investing in projects with low commercial value and high administrative expenses are about 40 per cent larger than the spillover benefits from the new knowledge created. Encouraging projects with a minus 40 per cent return is a serious waste of public money. IRAP's mandate is to create wealth. Ottawa should restructure it to support commercialization and scale-up rather than R&D. IRAP's knowledgeable Industrial Technology Advisors are well-placed to identify promising inventions. IRAP could authorize financial assistance that firms would repay as their commercialization generated profits, thus substantially reducing the program's net fiscal cost. Providing money only to Canadian firms and making them pay it back immediately if they sell to foreigners would encourage keeping intellectual property in Canada. The federal Liberals' election platform contained two new initiatives to improve small innovative firms' access to risk capital: flow-through shares and increased funding for venture capital. Firms performing R&D can't deduct their expenses until they're profitable. Issuing shares to people or businesses that do have taxable income they can deduct such expenses against is a way to realize the assistance right away. But because most purchasers of flow-through shares face a higher tax rate than SMEs, they cost governments more than if firms were able to deduct expenses as they are incurred. And the benefit to firms is eroded by the costs of setting up and selling the shares. A better approach would be a tax credit for investors in innovative startups. This would help fill a gap in Canada's risk capital market at the seed stage and in the lower tier of venture capital (VC) — deals worth up to $5 million. In addition to eliminating the costs associated with shares, a tax credit would attract more capital from sophisticated investors, who often provide advice as well as money. The Liberals also proposed to increase funding for the VC activities of the Business Development Bank, which would be helpful if focused on the higher tier of VC financing — deals of $20 million and up. The dominance of U.S. suppliers in this tier means many smaller firms either sell their IP in the U.S. or go there to commercialize and scale up. Finally, the rewards to successful commercialization in Canada need to be higher. The Trudeau government's announced but not yet implemented Canadian Entrepreneurs' Incentive, which cuts capital gains tax on the sale of shares in innovative SMEs, is a good idea but does not go far enough. Taxing capital gains earned on the sale of shares amounts to double taxation. Innovations increase expected profits and raise the market value of an enterprise, which gives rise to a capital gain on the sale of shares. But these profits are also subject to tax when distributed as dividends. So the effect is double taxation. Opinion: Here's one growth problem we can fix without money Opinion: Resources, yes, but don't give up on the knowledge economy just yet The federal government should therefore gradually eliminate capital gains tax on shares that R&D-performing startups sell to Canadian residents. To keep the focus on successful firms, it should finance the initiative by phasing out the special lower corporate income tax rate SMEs pay. John Lester, fellow-in-residence at the C.D. Howe Institute, is an executive fellow at the School of Public Policy, University of Calgary. Sign in to access your portfolio
Associated Press
14-05-2025
- Business
- Associated Press
ColorTokens Slashes Federal Compliance Timelines and Enhances Container Security with RapidFort
SAN FRANCISCO--(BUSINESS WIRE)--May 14, 2025-- RapidFort, the fastest growing cybersecurity company securing the global software supply chain, has partnered with ColorTokens Inc., a pioneer in Zero Trust security and leader in microsegmentation, to strengthen its containerized infrastructure security and optimize its federal compliance efforts. By leveraging RapidFort's platform, ColorTokens notably reduced its attack surface by 77%, minimizing its security risks and improving security operations. 'RapidFort has measurably strengthened the security of both our cloud‑hosted SaaS platform and our on‑premise product,' said Harish Akali, CTO of ColorTokens, 'It's hardened container images, continuous scanning, and clear remediation guidance have cut our vulnerability backlog and supplied the evidence we needed to fast‑track FedRAMP, IRAP, and other certification audits.' Like many organizations who enter the federal marketplace, ColorTokens was challenged by diverse third-party base images and complex DevSecOps workflows. The constant need to maintain stringent federal compliance standards, including FIPS and STIG, required a solution that would reduce vulnerabilities without overburdening engineering resources. RapidFort helped ColorTokens address these challenges by: 'Far too often, organizations must divert critical resources to remediate vulnerabilities and meet compliance requirements, rather than advancing core business priorities,' said Mehran Farimani, CEO of RapidFort. 'By leveraging the RapidFort platform to optimize vulnerability management and minimize their security risks, ColorTokens was able to secure their software faster and with less strain on their teams, reducing the burden of meeting stringent federal compliance requirements.' RapidFort, already available through Platform One, Tradewind Marketplace, AWS Marketplace, Microsoft Azure Marketplace, Google Cloud Marketplace, and Carahsoft, provides a reliable and efficient pathway for organizations looking to enter the federal marketplace and drive growth in the government sector. For more information about the RapidFort platform, please visit: About RapidFort RapidFort offers a cybersecurity platform that streamlines and secures modern infrastructure. Their innovative approach allows organizations to continuously monitor and minimize their software attack surface, ultimately improving their security posture and operational efficiency. RapidFort empowers development and security teams with a free tier and free community images, making it easy to get started with secure software development. Learn more about RapidFort at View source version on CONTACT: Cole Christy LaunchTech Communications 619-972-9836 [email protected] KEYWORD: UNITED STATES NORTH AMERICA CALIFORNIA INDUSTRY KEYWORD: SOFTWARE INTERNET DATA MANAGEMENT TECHNOLOGY LOGISTICS/SUPPLY CHAIN MANAGEMENT TRANSPORT OTHER TECHNOLOGY SECURITY SOURCE: RapidFort Copyright Business Wire 2025. PUB: 05/14/2025 09:30 AM/DISC: 05/14/2025 09:31 AM
Business Wire
14-05-2025
- Business
- Business Wire
ColorTokens Slashes Federal Compliance Timelines and Enhances Container Security with RapidFort
SAN FRANCISCO--(BUSINESS WIRE)-- RapidFort, the fastest growing cybersecurity company securing the global software supply chain, has partnered with ColorTokens Inc., a pioneer in Zero Trust security and leader in microsegmentation, to strengthen its containerized infrastructure security and optimize its federal compliance efforts. By leveraging RapidFort's platform, ColorTokens notably reduced its attack surface by 77%, minimizing its security risks and improving security operations. 'RapidFort has measurably strengthened the security of both our cloud‑hosted SaaS platform and our on‑premise product,' said Harish Akali, CTO of ColorTokens, 'It's hardened container images, continuous scanning, and clear remediation guidance have cut our vulnerability backlog and supplied the evidence we needed to fast‑track FedRAMP, IRAP, and other certification audits.' Like many organizations who enter the federal marketplace, ColorTokens was challenged by diverse third-party base images and complex DevSecOps workflows. The constant need to maintain stringent federal compliance standards, including FIPS and STIG, required a solution that would reduce vulnerabilities without overburdening engineering resources. RapidFort helped ColorTokens address these challenges by: Deploying FIPS and STIG aligned pre-hardened, near-zero CVE images for Ubuntu, Redis, Golang, and Reducing vulnerabilities through intelligent runtime profiling and automated removal of unused software components, dramatically reducing exposure and cutting down on manual patching efforts. Embedding RapidFort's runtime-aware scanner into CI/CD pipelines, providing continuous visibility, real-time vulnerability insights, and proactive control. Accelerating compliance readiness by three months using built-in benchmarking and STIGing tools, simplifying the path to federal certifications like FedRAMP. 'Far too often, organizations must divert critical resources to remediate vulnerabilities and meet compliance requirements, rather than advancing core business priorities,' said Mehran Farimani, CEO of RapidFort. 'By leveraging the RapidFort platform to optimize vulnerability management and minimize their security risks, ColorTokens was able to secure their software faster and with less strain on their teams, reducing the burden of meeting stringent federal compliance requirements.' RapidFort, already available through Platform One, Tradewind Marketplace, AWS Marketplace, Microsoft Azure Marketplace, Google Cloud Marketplace, and Carahsoft, provides a reliable and efficient pathway for organizations looking to enter the federal marketplace and drive growth in the government sector. For more information about the RapidFort platform, please visit: About RapidFort RapidFort offers a cybersecurity platform that streamlines and secures modern infrastructure. Their innovative approach allows organizations to continuously monitor and minimize their software attack surface, ultimately improving their security posture and operational efficiency. RapidFort empowers development and security teams with a free tier and free community images, making it easy to get started with secure software development. Learn more about RapidFort at
Yahoo
14-05-2025
- Business
- Yahoo
ColorTokens Slashes Federal Compliance Timelines and Enhances Container Security with RapidFort
Partnership significantly improved company's operational efficiency by eliminating critical software vulnerabilities and fast-tracking certification audits by three months SAN FRANCISCO, May 14, 2025--(BUSINESS WIRE)--RapidFort, the fastest growing cybersecurity company securing the global software supply chain, has partnered with ColorTokens Inc., a pioneer in Zero Trust security and leader in microsegmentation, to strengthen its containerized infrastructure security and optimize its federal compliance efforts. By leveraging RapidFort's platform, ColorTokens notably reduced its attack surface by 77%, minimizing its security risks and improving security operations. "RapidFort has measurably strengthened the security of both our cloud‑hosted SaaS platform and our on‑premise product," said Harish Akali, CTO of ColorTokens, "It's hardened container images, continuous scanning, and clear remediation guidance have cut our vulnerability backlog and supplied the evidence we needed to fast‑track FedRAMP, IRAP, and other certification audits." Like many organizations who enter the federal marketplace, ColorTokens was challenged by diverse third-party base images and complex DevSecOps workflows. The constant need to maintain stringent federal compliance standards, including FIPS and STIG, required a solution that would reduce vulnerabilities without overburdening engineering resources. RapidFort helped ColorTokens address these challenges by: Deploying FIPS and STIG aligned pre-hardened, near-zero CVE images for Ubuntu, Redis, Golang, and Reducing vulnerabilities through intelligent runtime profiling and automated removal of unused software components, dramatically reducing exposure and cutting down on manual patching efforts. Embedding RapidFort's runtime-aware scanner into CI/CD pipelines, providing continuous visibility, real-time vulnerability insights, and proactive control. Accelerating compliance readiness by three months using built-in benchmarking and STIGing tools, simplifying the path to federal certifications like FedRAMP. "Far too often, organizations must divert critical resources to remediate vulnerabilities and meet compliance requirements, rather than advancing core business priorities," said Mehran Farimani, CEO of RapidFort. "By leveraging the RapidFort platform to optimize vulnerability management and minimize their security risks, ColorTokens was able to secure their software faster and with less strain on their teams, reducing the burden of meeting stringent federal compliance requirements." RapidFort, already available through Platform One, Tradewind Marketplace, AWS Marketplace, Microsoft Azure Marketplace, Google Cloud Marketplace, and Carahsoft, provides a reliable and efficient pathway for organizations looking to enter the federal marketplace and drive growth in the government sector. For more information about the RapidFort platform, please visit: About RapidFort RapidFort offers a cybersecurity platform that streamlines and secures modern infrastructure. Their innovative approach allows organizations to continuously monitor and minimize their software attack surface, ultimately improving their security posture and operational efficiency. RapidFort empowers development and security teams with a free tier and free community images, making it easy to get started with secure software development. Learn more about RapidFort at View source version on Contacts Cole ChristyLaunchTech Communications619-972-9836cole@ Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
14-05-2025
- Business
- Yahoo
Workato Completes IRAP Assessment to Support Enterprise Orchestration and Automation for Australian Government and Regulated Industries
IRAP assessment strengthens digital transformation and cloud service capabilities for public sector and regulated industry customers. SYDNEY, May 14, 2025 /PRNewswire/ -- Workato®, the leading enterprise orchestration platform, has successfully completed an independent Infosec Registered Assessors Program (IRAP) assessment. This assessment evaluated Workato's security posture against the Australian Government Information Security Manual (ISM) controls at the PROTECTED level. The completion of the IRAP assessment adds to Workato's broader global security achievements over the past three months, including the PCI DSS 4.01 Level 1 service provider as well as the ISO 27001, and ISO 27701 certifications. This underscores Workato's strong commitment to safeguarding sensitive customer information and maintaining operational excellence for government and regulated industry customers. The IRAP assessment was performed by an endorsed IRAP Assessor, providing an independent evaluation of Workato's security controls. The assessment strengthens Workato's ability to support Australian Government agencies and regulated enterprises in meeting stringent security expectations. "Many government agencies face challenges with siloed data and fragmented processes, which increase operational burdens and inefficiencies. These agencies are looking for cloud-based enterprise orchestration solutions that connect applications and processes end-to-end while being simple to implement and secure," said John Deeb, General Manager, ANZ at Workato. "Workato has always prioritised providing government agencies and organisations with a secure, efficient platform to orchestrate their technology stacks. Completing the IRAP assessment, together with our extensive security features, gives our customers greater confidence in consolidating workflows and applications into one platform while maintaining complete data sovereignty within Australia," Deeb said. The IRAP assessment enables Workato to expand its presence in the Australian public sector and regulated industries, offering seamless system, data, and technology integration with the assurance that its platform has been independently assessed against Australian Government security requirements. "We are proud to demonstrate our commitment to security and governance through the successful completion of the IRAP assessment. This milestone reinforces our focus on supporting Australian Government agencies and regulated enterprises with secure and resilient orchestration solutions," said Hans Gustavson, Chief Information Security Officer (CISO) at Workato. Workato's security program focuses on continuous improvement, ongoing risk management, and adherence to best practice cybersecurity standards, allowing customers to confidently transform their operations and focus on their missions. Read more about Workato's world-class and industry-leading security at as well as more on Workato's IRAP assessment here. About Workato Workato transforms technology complexity into business opportunity. As the leader in enterprise orchestration, Workato helps businesses globally streamline operations by connecting data, processes, applications, and experiences. Its AI-powered platform enables teams to navigate complex workflows in real-time, driving efficiency and agility. Trusted by over 12,000 global customers, Workato empowers organisations of every size to unlock new value and lead in today's fast-changing world. Learn how Workato helps businesses of all sizes achieve more at View original content: SOURCE Workato Sign in to access your portfolio
