Discover All Technology Assets (D.A.T.A. – you can’t secure what you don’t know you have)

            Hardware Inventory

  • On premise
  • Remote
  • BYOD
  • Network Diagrams

            Software Inventory

  • On premise
  • Cloud based
  • Shadow IT

            Data Inventory

  • Data Flow Diagrams
    • Who and where is the data collected from?
      • Customers
      • Vendors
      • Employees
      • Contractors
  • Data Map (Location) Diagrams
    • Your data
    • Other’s data

Compliance And Risk Evaluation (C.A.R.E. – you advise, business leadership decides)

  • Understand the laws and regulations the business is legally obligated to comply with.
  • Understand the Risk Tolerance level the CEO and Board of Directors has decided they are willing to accept.

Align Security And Privacy (A.S.A.P. – part 1)

  • Align the Information Security Program to meet all the legal compliance obligations and the risk tolerance level determined by executive management.
  • Align the Privacy Policy to collect only the minimally required data and to retain only that data necessary to meet the compliance obligations as well as company operational procedures.

Address Systems AND People (A.S.A.P. – part 2)

  • The Security Plan policies and procedures address both the technology AND the people that are working with the technology and the data.
  • Make sure everyone is aware of, understands, and has access to the policies and procedures required for their job function.
  • Incident Response, Business Continuity and Disaster Recovery documents should be available in hard copy, securely stored, in several places both on and off site.

Time to get Cyber Safe for October of 2022

There are several excellent resources available to help make sure you stay open for business and not open to a ransomware attack.

With the average cost of a data breach reaching $7 million for Canadian firms according to an IBM study released in July 2022 it is becoming more important for SMOs to improve their cybersecurity posture, especially if they are looking to obtain a Cyber-insurance policy.

The Government of Canada has a guide to help with their Get Cyber Safe Guide for Small and Medium Businesses.

Also the Canadian Center for Cyber Security has their Top measures to enhance cyber security for small and medium organizations  that summarizes the 13 security control categories, including training your employees to recognize cyber threats.

The Insurance Bureau of Canada has also recently setup their Cyber Savvy Challenge website with many good resources available.

Stay safe out there and enjoy the fall colours.

How to Protect Your Business from Cyberattacks

From the Business Development Bank of Canada

The BDC recommends a 4 step approach to strengthen your business cyber-defenses against attack. Especially relevant going into a long holiday weekend when attackers are specifically waiting to execute their attacks.

  1. Identify risks
  2. Create controls
  3. Establish a security culture
  4. Monitor and improve


Blakes Releases Canadian Cybersecurity Trends Study for 2022

Blakes has launched its third annual Canadian Cybersecurity Trends Study. It analyzes key data points in the type and volume of cybersecurity incidents across Canada. The study also highlights some interesting observations the Blakes team made during the past year while handling numerous breaches.


Introduction to Azure Database for PostgreSQL eBook

This highly useful 42 page eBook provides an overview of Azure Database for PostgreSQL and the value that it provides as a fully managed, open-source database service, including key use cases and an introduction to common application hosting environments.  It also covers the various deployment options for Azure Database for PostgreSQL and introduces the key  concepts you’ll need to understand to best put each deployment option to use. Also includes links to other resources to help and inform.


Microsoft Has Released Its 2021 Digital Defense Report

Actionable insights from the Microsoft Digital Defense Report:

Protect against 98% of attacks by utilizing antimalware, applying least privilege access, enabling multifactor authentication, keeping [software] versions up to date, and protecting data [with best practices using Data Loss Prevention Policies and Sensitivity Labels].


October Is Cyber Security Awareness Month

Welcome to October 2021. Here we are in the last quarter of 2021 and fall is upon us. The month of October is also Cyber Security Awareness Month and there are some great resources available.

The Canadian Centre for Cyber Security


Get Cyber Safe


Microsoft Cyber Security Month Site


All of these sites have great resources to learn about Cyber Security for yourself and also share knowledge and awareness with your family, friends and coworkers.

Stay safe out there and enjoy the fall colors here in Canada.