Key Issues in Cybersecurity

  • Is cybersecurity a priority for your organization?
  • How do I ensure compliance with Act 25?
  • Is someone in your organization responsible for cybersecurity?
  • Has your organization performed a cybersecurity threat and risk analysis?
  • Does your organization have a security plan?
  • Does your organization have a security policy?
  • Does your organization have a recovery plan in the event of a cyberattack of any kind?
  • Does your organization provide guidelines to its staff on the handling and labeling of sensitive information?
  • Does your organization provide guidelines to its staff on the safe use of mobile devices?
  • Is a firewall installed between your organization’s computers, including point-of-sale (POS) systems and the Internet?
  • Does your organization use an encryption tool (usually software) to protect sensitive information before sending it outside the company (for example, sending email attachments)?
  • Does your organization have a spam filtering or blocking tool?
  • Does your organization use malware protection?
  • Does your organization use strong passwords and protect them?
  • Does your organization provide guidance to staff on how to work safely while traveling or when away from the office?

These questions are taken from the Get Cyber Safe Guide for Small and Medium Businesses produced by the Government of Canada.