Open Government Portal
Found 10 records similar to Top 10 IT Security Actions: #6 Provide Tailored Cyber Security Training (ITSM.10.093)
"This cyber security playbook guides elections authorities on anticipating, mitigating, and responding to threats that are specific to Canada’s democratic processes. This playbook introduces baseline cyber security measures and best practices that you can implement to improve your organization’s security profile. This playbook also provides a set of standards to reference as elections authorities continue to improve current systems and implement new ones. The guidance in this document is based on information gathered from various sources and is only intended to provide a set of recommendations that you can implement in addition to your organizational policies and practices.
When you work in the office, you benefit from the security measures that your organization has in place to protect its networks, systems, devices, and information from cyber threats. Working remotely provides flexibility and convenience. However, remote work can weaken your organization’s security efforts and put you at risk if you don’t take precautions. Read through our cyber security tips to ensure that you are practicing good cyber hygiene when working from home, a café, or any other public location.
This document presents the Canadian Centre for Cyber Security baseline cyber security controls wherein we attempt to apply the 80/20 rule (achieve 80% of the benefit from 20% of the effort) to the cyber security practices of small and medium organizations in Canada.
"This document is intended for elections authorities. It introduces common threats to Canada’s electoral processes and provides guidance on protecting the systems and the people involved in these processes. The guidance in this document is based on information gathered from various sources and is only intended to provide a set of recommendations that you can implement in addition to your organizational policies and practices. Note that this document does not provide exhaustive guidance on the measures you should take to protect your organization against cyber threats.
The Top 10 Information Technology (IT) Security Actions to Protect Internet-Connected Networks and Information (ITSM.10.189) is based on the Canadian Centre for Cyber Security (CCCS) analysis of cyber threat activity trends and their impact on Internet-connected networks. Organizations that implement these recommendations will address many vulnerabilities and counter most current cyber threats.
Organizations and individuals can benefit from using multi-factor authentication (MFA) to secure devices and accounts. With MFA enabled, two or more different authentication factors are needed to unlock a device or sign in to an account. Whether accessing email, cloud storage, or online banking services, MFA provides an extra layer of security from cyber attacks like credential stuffing. In credential stuffing, hackers use previously stolen credentials from one website, hoping that you have reused these credentials.
"Cloud computing has the potential to provide your organization with flexible, on-demand, scalable and self-service IT services. To benefit from cloud computing, your organization must ensure that security risks are properly managed, cloud specific security considerations are addressed, and security controls of cloud-based services are properly assessed before authorized.
You organization can use the guidance in this document to assist with its security assessment and authorization of cloud-based services. "
This document is part of a suite of documents that the Cyber Centre has developed to help secure cloud-based services. Security categorization, the selection of a security control profile, and the selection of a cloud deployment model and a cloud service model are the first three steps of the Cloud Security Risk Management approach. This approach is defined in ITSM.50.062 Cloud Security Risk Management.
Remote work introduces some challenges when trying to balance functionality with security. When working remotely, your employees need to access the same internal services, applications, and information that they would have access to in the office. However, your organization also needs to protect its systems and information, as remote work introduces new vulnerabilities. You need to implement additional security precautions to prevent threat actors from taking advantage of those vulnerabilities.
This document is part of a suite of documents developed by the Cyber Centre to help secure cloud-based services and supports the cloud security risk management approach defined in ITSM.50.062 Cloud Security Risk Management.