F12 Blog

What is CyberSecure Canada?

What is CyberSecure Canada, and why is it a secret?

The Canadian government quietly launched CyberSecure Canada, a national cybersecurity certification for small and mid-sized companies. This program is a huge step tow

ard securing Canada from cyber threats – it is a pity more business leaders do not know about it.

What is the CyberSecure Canada Certification?

CyberSecure Canada is the only federal program that certifies that your business is taking the necessary steps to protect against cyber threats. This program is designed for companies with less than 500 employees and is the successor to CyberEssentials out of New Brunswick.

Why get CyberSecure Canada certified?
  • Protect your business from disaster
  • Prove to yourself that your security is adequate
  • Show others that you are not risky
  • Lower your cyber insurance premiums
  • Qualify to bid for business opportunities
Is it hard to get certified?

It is not easy, and that is a good thing. There is too much snake oil in the cybersecurity industry, so take comfort that this is legit. CyberSecure certification is not as onerous as a SOC2 Type II audit, but you will have to work for it.

To get certified, you will first want to put in thirteen controls published by the Canadian Centre for Cyber Security. Then apply for certification at canada.ca/cybersecure. Finally, you will work with an accredited certification body that audits your organization.  Once you are certified, you can proudly display your certificate for two years.

What are the 13 Security Controls?
  1. Incident response plan – how you plan to recover from a cyber attack
  2. Automatic patching – your software patch management
  3. Device configuration – how you securely configure your devices
  4. Security software – the agents you install and monitor
  5. Authentication – your multi-factor authentication controls
  6. Training – your ongoing team education on cybersecurity
  7. Data Protection – your backup and data encryption
  8. Mobility – controls to secure mobile devices
  9. Perimeter – firewall defences at connections into your network
  10. Outsourced IT services – the security posture of your IT partners
  11. Websites – the security of your website
  12. Access controls – limitations you place on access to data and services
  13. Portable storage – the security, encryption, and disposal of your storage media
How much does it cost?

The cost to get CyberSecure Canada certified will depend on your needs.  Typically, you will need to pay a few hundred dollars for registration and then you will need to pay for the audit. Therefore, check with a few certification bodies listed at canada.ca/cybersecure. Feel free to reach out to F12.net; we are happy to share our experience getting CyberSecure Canada certified.

Why is this a secret?

The COVID-19 pandemic overtook the program launch.  Still, it is disappointing this has not received the awareness campaigns or public outreach it deserves. Since ransomware, funds transfer fraud, and digital theft is running amok across Canada, what a shame that this excellent program is hidden under a bushel.


F12 serves clients with IT Services across canada

Vancouver Office

200 – 17577 56 Avenue, Surrey, BC V3S 1C4
View Location >

Nelson Office

A – 1016 Seventh Street, Nelson, BC V1L 7C2
View Location >

Courtenay Office

917C Fitzgerald Avenue, Courtenay, BC V9N 2R6
View Location >

Edmonton Office

13555 156 Street NW, Edmonton, AB T5V 1R9
View Location >

Toronto Office

220 Markland Street, Unit A-2, Markham, ON L6C 1T6
View Location >

Victoria Office

329 – 1095 McKenzie Avenue, Victoria, BC V8P 2L5
View Location >

Vernon Office

101 – 1325 Polson Drive, Vernon, BC V1T 8H2
View Location >

Calgary Office

11 – 3110 14 Avenue NE, Calgary, AB T2A 6J4
View Location >

Red Deer Office

8 – 4699 61 Street, Red Deer, AB T4N 7C9
View Location >