The cybersecurity of our customers and its accessibility for SMEs is a priority at MS Solutions. This is why, during a previous webinar, we presented to participants the In-Sec-M organization, the Canadian cybersecurity industry cluster, as well as its support and support offering. grants related to digital transformation and cybersecurity among SMEs.

The current situation

Cybersecurity is a much-discussed topic within the information technology community and even society in general. Cyberattacks have also been the subject of several articles in the media and on our blog (see our cyber horror stories). Moreover, over the last two years, we have seen a significant increase in cyberattacks and the importance for businesses to be well protected against the activities of cybercriminals.

The current situation can therefore be seen in two ways:

1. It is essential to protect SMEs from the risks related to digital transformation that is often carried out too quickly and without consideration for security;
2. Cybersecurity is also, for some more savvy SMEs, an opportunity and a differentiator from the competition to penetrate large markets and supply chains. (In-Sec-M during the webinar)

Some highlights

In addition to the current situation, it is important to understand what is happening in a more concrete way. Indeed, during the webinar, the following statistics were presented and were able to emphasize the importance of cybersecurity among SMEs:

• 25% of Canadian businesses suffered a leak of personal data relating to their customers or employees in 2019 (CIRA);

• $6 million: average cost for a Canadian company of a personal data leak (IBM);

• 20%: percentage of Canadian SMEs that will be victims of a serious cyberattack in a given year;

• 300%: percentage of increase in cyberattacks against Canadian SMEs from 2019 to 2020;

• 60%: percentage of SMEs that will be forced into bankruptcy following a cyberattack that forces them to suspend their activities.

These numbers don’t lie and it is more important than ever that entrepreneurs and businesses have established cybersecurity services for the protection of personal information and data that are otherwise potentially accessible to cybercriminals. So let’s see how In-Sec-M and MS Solutions can help you avoid cyberattacks as much as possible and being a potential target of cybercriminals thanks to the CyberSecurity Canada certification program.

CyberSecure Canada Certification Program

As mentioned during our webinar on the subject, the CyberSecurity Canada certification program aims to “improve the situation of PMOs (small and medium-sized organizations) with regard to cybersecurity […]” This is why the program was created with SMEs in mind and is based on the 13 security control areas established by the Canadian Center for Cyber Security.

Participation in this program remains on a voluntary basis, but we strongly encourage you to participate in order to certify your level of security as quickly as possible. Additionally, a national cybersecurity standard for PMOs is being developed.

The objectives of this program are to improve the basic level of cybersecurity of Canadian small and medium-sized businesses, raise awareness and educate all Canadians about cybersecurity, and increase consumer confidence in the digital economy.

Certification process

The certification program has a rigorous 6-step process:

1. Implement security controls
2. Submit a verification request
3. Choose a certification body
4. Verification carried out by the certification body
   • If finished, go to step 5
   • If not completed, make ongoing cybersecurity improvements
5. Obtain certification (Valid for 2 years)
6. Recertification

The first step is the one that can take relatively long depending on the 13 security controls that are already (or not) in place within the company:

1. 1. Develop an incident response plan;
   2. Configure devices securely;
   3. Back up and encrypt data;
   4. Activate security software;
   5. Secure removable media;
   6. Use strong authentication;
   7. Secure websites;
   8. Secure mobile services;
   9. Implement access controls and authorizations;
   10. Provide training to employees to raise their awareness;
   11. Establish a basic peripheral defense;
   12. Automatically correct errors in operating systems;
   13. Secure outsourced cloud computing and IT services.

Support route

The certification process may seem difficult and complex if your company does not already have certain cybersecurity solutions in place. This is why In-Sec-M, in partnership with Canada Economic Development, offers a support program to obtain certification. This support targets in particular the establishment of the 13 essential cybersecurity controls mentioned above.

Here is the procedure to benefit from the support program established by In-Sec-M:

1. Contact In-Sec-M by email at the following address: [email protected].
2. Complete the qualification questionnaire.
3. Sign the support agreement and pay the fee of $2,000 plus taxes, which includes the following elements:
   • 25 hours of support from a cybersecurity expert
   • Access to a portal dedicated to certification management
   • Final audit fees
4. Establish cybersecurity controls with the help of the expert provided by In-Sec-M.
5. Collaborate with external auditors for the audit.

In short

If you are interested in support and grants from In-Sec-M, MS Solutions can help and support you in the process while offering you a range of cybersecurity services for your business according to your needs and the size of your business. Contact the MS Solutions team now to be cyber secure.