Organizations that fail to guard against cyber attacks put their intellectual property, consumer data, and their viability at risk. Cyberattacks have huge implications for companies, from operations to reputation, which directly impact the Canadian economy.
Developed in collaboration with Innovation, Science and Economic Development (ISED) and the Communications Security Establishment (CSE), CyberSecure Canada is a federal cyber certification program which provides a straightforward, low-cost way for small and medium-sized enterprises (SMEs) — meaning those with less than 500 employees — to protect themselves from the most common cyber threats.
The program aims to
- raise the cyber security baseline among SMEs in Canada;
- increase consumer confidence in the digital economy;
- promote international standardization; and
- better position SMEs to compete globally.
The program is a voluntary, recognizable certification to enable SMEs to demonstrate that they meet a baseline set of security practices and controls developed by the Canadian Centre for Cyber Security. The security controls aim to give SMEs the greatest amount of protection with the least amount of burden.
Accreditation is a formal, independent verification that an organization meets established quality standards and is competent to carry out specific conformity assessment tasks, such as certification. As Canada’s leading accreditation organization, we ensure organizations, also called conformity assessment bodies, demonstrate the technical competence, reliability and integrity against nationally and internationally recognized standards.
In order to provide the CyberSecure Canada certification program, you must be accredited by SCC first. If you wish to become accredited to offer the CyberSecure certification mark to your customers, please contact our accreditation team at email@example.com.
The CyberSecure Canada certification mark will give certified businesses official recognition by the federal government for demonstrating their compliance to the baseline security controls. It provides an easy way for customers, investors, partners and suppliers to know that a business has decreased their cyber risk.
SCC does not provide certification. We accredit organizations (conformity assessment bodies) to deliver the certification program.
If you want to learn more or become certified under the CyberSecure Canada certification program,please visit ISED’s CyberSecure webpage, contact one of the organizations below that have already been recognized or contact us.
List of Certification Bodies Recognized by SCC
Bureau de normalisation du Québec
333 Franquet Street, Quebec, QC G1P 4C7 Canada
Cyber Security Canada
5444 Yonge St. Suite 1202A, North York, ON, M2N 6J4 Canada
WatSec Cyber Risk Management
University of Waterloo David Johnston Research +
Tech Park, 420 Wes Graham Way, Suite 102, Waterloo, ON N2L 0J6 Canada
25 Alison Blvd., Fredericton, NB, E3C 2N5, Canada
Upcoming National Standard of Canada
In December 2019, SCC has engaged CIO Strategy Council to develop a National Standard of Canada for the CyberSecure Canada certification program. The new standard will address security controls such as, but not limited to:
- the development of an incident response plan
- automatic patching of operating systems and applications
- enable security software
- the use of strong authentication
- data backups
The standard will further support the CyberSecure Canada program, and will be low burden, easily accessible, affordable, effective, national in scope, and sector neutral.