Cyber security for small business

The Canadian Centre for Cyber Security assesses that the COVID-19 pandemic presents an elevated level of risk to the cyber security of Canadian health organizations involved in the national response to the pandemic.

The Cyber Centre therefore recommends that these organizations remain vigilant and take the time to ensure that they are engaged in cyber defence best practices, including increased monitoring of network logs, reminding employees to practice phishing awareness and ensuring that servers and critical systems are patched for all known security vulnerabilities.

The Baseline Cyber Security Controls for Small and Medium Organizations lists a set of lower-cost and lower-burden security controls that you can implement to thwart cyber threat actors, reduce exposure to cyber threats, and get the most out of your cyber security investments.

While the Canadian health sector faces an increased risk, these are best practices that all organizations should apply to stay ahead of cyber threats.

• Have an incident response plan
• patch operating systems and applications automatically
• Enable security software
• Configure devices securely
• Use strong user authentication
• Provide employee training
• Back up and encrypt data

• Secure mobility
• Establish perimeter defences
• Secure cloud and outsourced it services
• Secure websites
• Have access control and authorization
• Secure portable media

CyberSecure Canada is Canada’s national certification program. This program certifies small and medium organizations that implement the baseline controls.

The Cyber Centre can help protect you. We work with organizations and Canadians to better protect them from cyber adversaries. Visit our website for a list of alerts and advisories, including those regarding critical vulnerability patches.