CyberSecure Canada Certification

CyberSecure Canada is the new federal cyber certification program for small and medium-size businesses and organizations with less than 500 employees (SMBs). Larger organizations have also found value in becoming certified.

This certification aims to raise the cyber security level among Canadian SMBs, increase consumer confidence in the digital economy, promote international standardization and better position SMBs to compete globally. 

CyberSecure Canada certification requires Canadian SMBs to implement baseline security controls developed by the Canadian Centre for Cyber Security. The security controls are designed to give SMBs the greatest amount of protection – with the least amount of burden.
Cyber Security Canada can help you get certified, every step of the way.
Show Clients, Investors and Suppliers that Your Business Can Be Trusted
Customers, partners, investors and suppliers provide Canadian businesses with valuable information – and trust that their information will be kept secure. When businesses lack strong cybersecurity measures, their data and the information entrusted to them could be at risk for:
  • Theft of personal and/or confidential information
  • Theft of credit card and/or financial and banking information
  • Ransomware leading to catastrophic loss of business data and the disruption of services provided to customers
  • Unauthorized modification of information
  • Fiduciary Liability and Litigation
The Certification Process
  1. To help familiarize yourself with the CyberSecure requirements, use the free E-Learning tools developed by ISED and the Cyber Centre.
  2. Start the Certification Application – contact Cyber Security Canada and…
  3. Select Cyber Security Canada as your Certification Body
  4. Implement Security Controls: Cyber Security Canada can help you plan this process by performing a Gap Analysis – determining your current level of cyber security and mapping out which controls you need to add or improve before your certification audit. We can also provide a complete training program for your IT staff, to guide them through the implementation and documentation process.
  5. Submit your completed documentation to Cyber Security Canada for a CyberSecure conformity assessment.
  6. Once your organization has successfully implemented and documented the required controls, you will be awarded certification.
  7. Share your certification with clients, suppliers and peers to let them know that their trust in your company is well placed.
  8. CyberSecure Certification is valid for 2 years, after which you will recertify.