On August 12, 2019, the Canadian federal government announced CyberSecure Canada, a voluntary certification program to help small and medium enterprises (“SMEs”) achieve a baseline of cybersecurity. SMEs that demonstrate compliance with specified baseline cybersecurity controls, based on an audit by an accredited certification body, will be granted a two-year certification and be entitled to use the CyberSecure Canada logo.
Cybersecurity for SMEs
Cybersecurity is important for organizations of all kinds and sizes, including SMEs. Cyber criminals are increasingly targeting SMEs, including to obtain information about their customers and business partners and to access the systems and data of their business partners. Cyberattacks can cause SMEs to suffer potentially devastating financial losses and liabilities. However, comprehensive cybersecurity programs can be expensive and time consuming to implement and beyond the financial and human resources means of many SMEs.
In March 2019, the Canadian Centre for Cyber Security issued a guide titled Baseline Cyber Security Controls for Small and Medium Organizations to provide a condensed set of advice and guidance to help Canadian SMEs…
