All organizations are eligible for certification. The program's cybersecurity measures are primarily designed for small and medium-sized organizations (SMOs).
Organizations must implement all the security control areas of the CyberSecure Canada program. They were developed by the Canadian Centre for Cyber Security in partnership with the CyberSecure Canada program, you can be review and download them on their webpage.
What are the security control areas?
- Develop an incident response plan
- Automatically patch operating systems and applications
- Enable security software
- Securely configure devices
- Use strong user authentication
- Provide employee awareness training
- Backup and encrypt data
- Secure mobility
- Establish basic perimeter defences
- Secure outsourced cloud and IT services
- Secure websites
- Implement access control and authorization
- Secure portable media
These security control areas reflect industry-accepted cybersecurity best practices.
How do you get certified?
Register in the CyberSecure Canada portal to:
Complete the cyber certification readiness survey.
Connect with an accredited certification body.
Request an audit.
Track your certification progress.