With 2021 expected to be the worst year on record for cyberattacks, the CIO Strategy Council has published a new standard that will help smaller businesses protect their systems from intruders.
The new standard, supported by the Standards Council of Canada (SCC), will form part of the requirements for CyberSecure Canada, a voluntary certification program established by Innovation, Science and Economic Development (ISED) and the Communications Security Establishment (CSE) to help SMEs achieve a reasonable level of cybersecurity.
Written with non-expert users in mind, the standard includes how-to guidance and readymade templates to help small and medium-sized enterprises (SMEs) improve their cybersecurity controls. The standard draws on expertise from CSE (Baseline Cyber Security Controls for Small and Medium Organizations) as well as international standards such as ISO’s Information Security Management (ISO/IEC 27001).
“Cybersecurity plays an integral role in building trust with consumers and keeping Canadian businesses competitive. With cyber attacks on the rise, this new standard will support ISED’s CyberSecure Canada program and our commitment to helping smaller businesses across Canada secure their systems and data to succeed in today’s digital economy.” – Honourable François-Philippe Champagne, Minister of Innovation, Science and Industry.
“Organizations need resilient and robust security systems to protect their operations. The CyberSecure Canada program strengthens the ability of organizations to embed quality across their value chain. Having the sought-after CyberSecure certification mark tells customers, investors, partners and suppliers that an organization is trustworthy and meets the high level of security standards today’s digital economy demands.” – Elias Rafoul, SCC’s Vice-President of Accreditation Services
“A successful cyberattack can have major impacts on smaller companies, including stress and financial loss, compromised banking information, and negative effects on business relationships. SMEs have invested on average $6,700 in upgrading their IT infrastructure, but last year 61,000 of them still became victims of cyberfraud. Cybersecurity is now a significant concern for small business owners, who will welcome the information and resources provided in this new standard.” – Dan Kelly, President and CEO, Canadian Federation of Independent Business
“We are excited that this standard will underpin the CyberSecure Canada certification program, which ensures small and medium-sized organizations meet necessary requirements to defend against cyberattacks. With Canadians increasingly concerned about the safety of their personal data, good cybersecurity practices can be a source of competitive advantage that help businesses establish trust with their clients.” – Keith Jansa, Executive Director of the CIO Strategy Council