Image
Women touching transparent screen with lock icon

New standard brings clarity on cybersecurity to SMEs

With 2021 expected to be the worst year on record for cyberattacks, the CIO Strategy Council has published a new standard that will help smaller businesses protect their systems from intruders. 


The new standard, supported by the Standards Council of Canada (SCC), will form part of the requirements for CyberSecure Canada, a voluntary certification program established by Innovation, Science and Economic Development (ISED) and the Communications Security Establishment (CSE) to help SMEs achieve a reasonable level of cybersecurity.


Written with non-expert users in mind, the standard includes how-to guidance and readymade templates to help small and medium-sized enterprises (SMEs) improve their cybersecurity controls. The standard draws on expertise from CSE (Baseline Cyber Security Controls for Small and Medium Organizations) as well as international standards such as ISO’s Information Security Management (ISO/IEC 27001).


“Cybersecurity plays an integral role in building trust with consumers and keeping Canadian businesses competitive. With cyber attacks on the rise, this new standard will support ISED’s CyberSecure Canada program and our commitment to helping smaller businesses across Canada secure their systems and data to succeed in today’s digital economy.”
Honourable François-Philippe Champagne, Minister of Innovation, Science and Industry.

 

“Organizations need resilient and robust security systems to protect their operations. The CyberSecure Canada program strengthens the ability of organizations to embed quality across their value chain. Having the sought-after CyberSecure certification mark tells customers, investors, partners and suppliers that an organization is trustworthy and meets the high level of security standards today’s digital economy demands.”
Elias Rafoul, SCC’s Vice-President of Accreditation Services

 

“A successful cyberattack can have major impacts on smaller companies, including stress and financial loss, compromised banking information, and negative effects on business relationships. SMEs have invested on average $6,700 in upgrading their IT infrastructure, but last year 61,000 of them still became victims of cyberfraud. Cybersecurity is now a significant concern for small business owners, who will welcome the information and resources provided in this new standard.”
Dan Kelly, President and CEO, Canadian Federation of Independent Business


“We are excited that this standard will underpin the CyberSecure Canada certification program, which ensures small and medium-sized organizations meet necessary requirements to defend against cyberattacks. With Canadians increasingly concerned about the safety of their personal data, good cybersecurity practices can be a source of competitive advantage that help businesses establish trust with their clients.”
Keith Jansa, Executive Director of the CIO Strategy Council

To download a free copy of the standard, please visit: https://ciostrategycouncil.com/standards/cybersecurity-smes/

 

About the Standards Council of Canada
Established in 1970 as a federal Crown corporation, the Standards Council of Canada (SCC) is Canada’s voice on standards and accreditation on the national and international stage. SCC works closely with a vast network of partners to promote the development of effective and efficient standards that protect the health, safety and well-being of Canadians while helping businesses prosper. As Canada’s leading accreditation organization, SCC creates market confidence at home and abroad by ensuring that conformity assessment bodies meet the highest national and international standards.

 

About the CIO Strategy Council
The CIO Strategy Council provides a forum for Canada’s most forward-thinking chief information officers to focus on collectively transforming, shaping, and influencing the Canadian information and technology ecosystem. The Council has deployed a nationally-accredited, agile, and consensus-based standards-setting process that matches the speed of innovation and advancement in ICT.  Learn more at ciostrategycouncil.com