Key Takeaways

  • Victoria Police introduced a reporting initiative aimed at helping businesses respond to fraud, ransomware, and data breaches
  • The program was created by Det. Vlad Filatov and began operating in August 2024
  • The effort reflects growing demand for early‑stage support as cyber incidents accelerate across midsize organizations

A new cyber‑risk reporting initiative from the Victoria Police Department (VicPD) is beginning to attract attention across British Columbia’s business community. The program, created by VicPD Detective Vlad Filatov and launched in August 2024, was designed to give local organizations a structured way to report fraud, ransomware, or a data breach before those issues spiral into full‑blown crises. It is rare for a municipal police department to step so directly into the early stages of cybersecurity response.

The initiative emerged at a time when many midsize businesses—especially those without full in‑house security teams—were clamoring for clearer guidance. Cyber incidents have a way of unfolding unevenly. One moment, an employee notices a strange email redirect. Hours later, an entire ERP system is locked behind a ransom note. The question for many executives in that moment is simple: Who do we call first? And perhaps more importantly, how soon?

Law enforcement agencies have traditionally become involved only after the damage is done. However, Filatov’s approach hints at a shift toward an earlier, more collaborative posture. While the release announcing the program did not dive into lengthy technical detail, the emphasis on reporting fraud, ransomware, or data breaches suggests a broad intake scope. That breadth might feel surprising at first, but as cybercriminal activity becomes increasingly intertwined—phishing leading to credential theft leading to financial fraud—a wider capture net makes practical sense.

Some organizations in the region have quietly welcomed the change. Early reporting channels, even if they are not a replacement for private cybersecurity services, can help stabilize decision‑making during the chaotic first hours of an incident. Sometimes a business simply needs a steady voice outlining steps that won't accidentally complicate recovery or evidence preservation. Anyone who has dealt with ransomware knows how easy it is to make the wrong move under stress. Decisions regarding shutting down systems, disconnecting networks, or preserving logs are not always obvious.

Beyond immediate response, programs like this tend to help police departments see larger attack patterns. A spike in local fraudulent wire transfer attempts might hint at coordinated targeting. A run of small businesses reporting similar ransomware variants could indicate a campaign focused on specific software vulnerabilities. While VicPD has not published that level of operational detail, this type of aggregated visibility is typically where law enforcement can add meaningful value.

Not every business leader will think to call the police when they receive a suspicious email. Cybersecurity still feels like a private sector problem to many. Yet municipal and regional police units across Canada have slowly been expanding their cyber‑crime roles over the past decade. Some have created specialized digital forensics teams, while others have joined national task forces. VicPD’s move fits into that trajectory, even if the scale is local.

Smaller cities often pilot practical, lightweight programs like this before larger jurisdictions adopt them. It is not that big cities avoid innovation; rather, bureaucracy can slow down early experiments. A more nimble police department can test approaches, learn from the rough edges, and adapt. While it is difficult to predict if larger agencies will replicate a similar reporting model, the growing pressure on businesses to report cyber incidents—both voluntarily and under evolving regulatory requirements—suggests some will.

Businesses participating in the early months of the program are likely focused on practical outcomes. They need to know if the police can help coordinate with insurers, offer guidance on preserving evidence, or connect organizations with the right federal reporting channels. Even when law enforcement cannot directly remediate technical damage, having a defined process often reduces confusion. In cybersecurity, reducing confusion is vital.

Cyber incidents also have reputational implications. Leaders sometimes hesitate to involve external authorities because they fear leaks or unintended attention. Filatov’s team appears to be positioning this initiative as a controlled, confidential first touchpoint rather than a public escalation step. While the release did not elaborate on confidentiality practices, most Canadian police cyber units already operate under strict privacy frameworks. That context matters, especially for small and midsize firms still building confidence in their cyber‑risk protocols.

There is also a broader economic angle. Municipal economies depend on resilient local businesses. A ransomware surge that hits dozens of companies simultaneously disrupts operations, employment, supply chains, and municipal revenue. A reporting program that improves early detection and coordination, even modestly, supports the stability of the business environment. It is foundational work.

Programs like this will not solve the region’s cybersecurity challenges on their own. However, they can reduce uncertainty for organizations facing high‑stress, high‑stakes decisions. Sometimes a well‑timed conversation with law enforcement can nudge a response effort onto the right path.

In a landscape where cyberthreats evolve weekly, a simple reporting initiative may feel understated. Still, it represents a growing acknowledgment that cybersecurity is a community problem, not just a technological one. VicPD’s effort is one more sign that local institutions are stepping in to help fill the gaps.