Open Government Portal

Found 10 records similar to Cyber Security Considerations for Management - Guidance for the Government of Canada (ITSB-67)

Federal

This document provides guidance for deploying Microsoft Windows 7 Enterprise Edition operating system (OS) (i.e., Windows 7) in a manner that will best prevent compromise of Government of Canada (GC) IT assets and infrastructures in a generic internet-facing Protected B environment. It is intended for use by information system practitioners, security practitioners, and security assessment and authorization authorities who are collectively responsible for departmental networking risk management.

Last Updated: Dec. 12, 2019
Date Published: Oct. 1, 2014
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Network Security, Operating Systems and Applications
Federal

"With today’s dynamic threat environment and Government of Canada (GC) fiscal constraints, information technology (IT) security can no longer be an afterthought, but rather needs to be a vital component in both departmental and IT project plans.

IT security risks can result in exposure of sensitive government information, a loss in productivity, an inability to meet organizational objectives, or damage to the GC’s reputation, all of which can be costly to the GC.

IT security risk management is the process by which organizations manage IT security risks and is achieved through the management and application of security controls, solutions, tools, and techniques to protect IT assets against compromises.

CSE’s IT security risk management framework can help outline a risk strategy that will align with GC priorities and resource allocation so that departmental objectives can be met."

Last Updated: Dec. 12, 2019
Date Published: Jul. 1, 2016
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Risk Management
Federal

Information Technology Security Guidance for Practitioners ITSP.30.031 V3 supersedes ITSP.30.031 V2 User Authentication Guidance for IT Systems and provides guidance on user authentication in IT systems. ITSP.30.031 V3 is also part of a suite of documents developed by CSE to help secure GC departmental networks. User authentication is imperative in keeping cyber threat actors out of departmental systems, and the security controls used to protect GC systems are critical elements in the design of IT infrastructure.

Last Updated: Dec. 12, 2019
Date Published: Apr. 1, 2018
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Identity and Passwords
Federal

This guidance publication outlines best practices to support the development of departmental travel IT Security policies for travel ranging from routine low risk business travel to high risk travel requirements.

Last Updated: Dec. 12, 2019
Date Published: Jul. 1, 2012
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Mobility
Federal

The purpose of this bulletin is to inform the Government of Canada (GC) of the Communications Security Establishment Canada's (CSEC) guidance regarding the use of commercial technologies to safeguard the communications of classified information at the level of SECRET within a departmental local enclave.

Last Updated: Dec. 12, 2019
Date Published: Jun. 1, 2011
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  COMSEC, Network Security
Federal

"The need to securely access or move information between networks with different security classifications is an ongoing operational necessity within the Government of Canada (GC). Accessing or moving data from one network to another enables business operations, information sharing and decision making. Any movement of information across networks has the potential of introducing new threats to the networks and jeopardizing the security of the information holdings. While several methods can be considered for moving information across networks (a.k.a.

Last Updated: Dec. 12, 2019
Date Published: Jan. 1, 2016
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Cyber Defence, Network Security
Federal

"The COMSEC Installation Planning – Guidance and Criteria (ITSG-11) has been superseded by Emission Security (EMSEC) Guidance (ITSG-11A) February 2016 which is a Protected publication, issued under the authority of the Chief, Communications Security Establishment (CSE).

To access, or obtain, a copy of the publication, please visit the COMSEC User Portal (CUP) at: https://comsecportal.cse-cst.gc.ca, or contact your departmental COMSEC Custodian."

Last Updated: Dec. 12, 2019
Date Published: Aug. 8, 2019
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Wireless
Federal

The Internet is crucial to Government of Canada (GC) business, but using such technology can also make the GC’s networks vulnerable. Since many GC systems are connected to the Internet, if one department is compromised, all GC departments could be put at risk. Cyber intrusions are costly to a department’s operations, reputation and service delivery. Consequently, departments need sound IT Security programs that minimize vulnerabilities and counter threats.

Last Updated: Dec. 12, 2019
Date Published: Oct. 1, 2017
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Top 10
Federal

Small and medium organizations have valuable information (e.g. sensitive business, employee, and client information) that needs to be protected to ensure business activities run smoothly. Small and medium organizations are likely targets of cyber attacks because these organizations often lack resources to put towards cyber security. While it may not be possible to protect everything, knowing what information is valuable to your organization can help you protect what matters most.

Last Updated: Dec. 12, 2019
Date Published: Apr. 30, 2019
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Cyber Defence, Risk Management, Your Privacy Online
Federal

The purpose of this document is to describe CCCS’s Cloud Service Provider (CSP) Information Technology Security (ITS) Assessment Program. The objective of the CSP ITS Assessment Program is to assist Government of Canada (GC) departments and agencies in their evaluation of CSP services being procured for use by the GC. The resulting assessments will show whether the subject CSP’s security processes and controls meet the GC public cloud security requirements for information and services up to Protected B, Medium Integrity, and Medium Availability (PB/M/M) as published by the Treasury Board of Canada Secretariat

Last Updated: Dec. 12, 2019
Date Published: Oct. 15, 2018
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Cloud Security, Risk Management
Date modified: