Cyber security for small business

The Canadian Centre for Cyber Security Cyber securityThe protection of digital information, as well as the integrity of the infrastructure housing and transmitting digital information. More specifically, cyber security includes the body of technologies, processes, practices and response and mitigation measures designed to protect networks, computers, programs and data from attack, damage or unauthorized access so as to ensure confidentiality, integrity and availability. assesses that the COVID-19 pandemic presents an elevated level of risk to the cyber security of Canadian health organizations involved in the national response to the pandemic.

The Cyber Centre therefore recommends that these organizations remain vigilant and take the time to ensure that they are engaged in cyber defence best practices, including increased monitoring of network logs, reminding employees to practice phishing PhishingAn attempt by a third party to solicit confidential information from an individual, group, or organization by mimicking or spoofing a specific, usually well-known brand, usually for financial gain. Phishers attempt to trick users into disclosing personal data, such as credit card numbers, online banking credentials, and other sensitive information, which they may then use to commit fraudulent acts. awareness and ensuring that servers and critical systems are patched for all known security vulnerabilities.

The Baseline Cyber Security Controls for Small and Medium Organizations lists a set of lower-cost and lower-burden security controls that you can implement to thwart cyber threat Cyber threatA threat actor, using the internet, who takes advantage of a known vulnerability in a product for the purposes of exploiting a network and the information the network carries. actors, reduce exposure to cyber threats, and get the most out of your cyber security investments.

While the Canadian health sector faces an increased risk, these are best practices that all organizations should apply to stay ahead of cyber threats.

• Have an incident response plan
• patch operating systems and applications automatically
• Enable security software
• Configure devices securely
• Use strong user authentication
• Provide employee training
• Back up and encrypt data

• Secure mobility
• Establish perimeter defences
• Secure cloud and outsourced it services
• Secure websites
• Have access control and authorization
• Secure portable media

CyberSecure Canada is Canada’s national certification program. This program certifies small and medium organizations that implement the baseline controls.

The Cyber Centre can help protect you. We work with organizations and Canadians to better protect them from cyber adversaries. Visit our website for a list of alerts and advisories, including those regarding critical vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. patches.