Beef up your organization's security posture with the CyberSecure Canada Certification
Recognized by the Standards Council of Canada as a national CyberSecure Canada Certification Body, Bulletproof is here to help.
To keep costs down and both your business and your people safe, delivery is performed remotely.
71% of data breaches happen to small businesses + nearly half of all small businesses have been the victim of a cyberattack!
(Source: StaySafeOnline.org)
Table of Contents
What is CyberSecure Canada?
CyberSecure Canada is a federal cyber certification program that aims to:
- Raise the cyber security baseline among small and medium enterprises (SMEs) in Canada
- Increase consumer confidence in the digital economy
- Promote international standardization
- Better position SMEs to compete globally
Who is CyberSecure For?
Due to the scarcity in IT resources and funding combined with the increase in cyber-attacks, the CyberSecure Canada Program is targeted towards small and medium-size businesses; however, enterprise-sized companies are also eligible for the certification program.
What Does It Mean To Be Certified?
A business has demonstrated that it has implemented the security controls established by the Cyber Centre, Canada's cybersecurity experts. The CyberSecure Canada certification mark will give certified businesses official recognition by the federal government for demonstrating their compliance to the baseline security controls. The certification mark provides an easy way for customers, investors, partners and suppliers to know that a business has decreased their cyber risk.
How Long Is The Certification Valid For?
The certification will be valid for 2 years. When your certification expires you will be required to follow a recertification process to maintain your CyberSecure Canada certification.
What Are The Requirements?
Certification requires Canadian SMEs to implement the baseline security controls developed by the Canadian Centre for Cybersecurity.
- Develop an Incident Response Plan
- Automatically Patch Operating Systems and Applications
- Enable Security Software
- Provide Employee Awareness Training
- Secure Websites
- Backup and Encrypt Data
- Implement Access Control and Authorization
- Secure Portable Media
- Secure Mobility
- Establish Basic Perimeter Defences
- Securely Configure Devices
- Use Strong User Authentication
The security controls aim to give SMEs the greatest amount of protection with the least amount of burden.
How Does The Certification Process Work?
The process has been designed to allow the audit work to be performed remotely, helping small to medium organizations better manage cost. The audit consits of a documentation review against the standards requirements, with interviews being performed if clarification is needed.
What Is Bulletproof's Role As An Accredited Certification Body?
Certification Bodies (CBs) are public and private businesses that are accredited by the Standards Council of Canada (SCC) who have met the requirements of the SCC. CBs will verify that businesses have met all the security controls for certification using assessment criteria developed by ISED and and the Cyber Centre.
What is the Role of the Standards Council of Canada (SCC)?
As Canada’s national accreditation body, SCC rigorously assesses the experts who certify organizations.
How Bulletproof Approaches Your Audit
To access the PDF with full details, please click on the links below: