Communications Security Establishment Canada

The information in this publication identifies and describes approved cryptographic algorithms and appropriate methods of use to protect the confidentiality of PROTECTED A and PROTECTED B information and the integrity of information to the medium injury level as defined in CSE’s ITSG-33 IT...

This bulletin is in support of the Treasury Board of Canada Secretariat (TBS) Information Technology Policy Implementation Notice 2014-01 (ITPIN: 2014-01). The notice, released in May 2014, describes the risks posed by, and the possible mitigations for, removable media devices that are used to...

This document is part of a suite of documents developed by the Cyber Centre to help secure cloud-based services and supports the cloud security risk management approach defined in ITSM.50.062 Cloud Security Risk Management.

The Canadian Centre for Cyber Security (Cyber Centre) is aware of the ongoing malicious cyber activity targeting information technology (IT) managed service providers (MSPs) and has been providing advice and guidance to Canada-based MSPs and Canadian businesses who use MSP services.

"Cloud computing has the potential to provide your organization with flexible, on-demand, scalable, and self-service information technology (IT) provisioning. To deliver this potential, it is imperative that we address the security and privacy dimensions of cloud computing. Cryptography is one of...

This document is part of a suite of documents that the Cyber Centre has developed to help secure cloud-based services. Security categorization, the selection of a security control profile, and the selection of a cloud deployment model and a cloud service model are the first three steps of the...

To enable the adoption of cloud computing, the Government of Canada (GC) developed an integrated risk management approach to establish cloud-based services. ITSM.50.062 outlines this approach which can be applied to all cloud based services independently of the cloud service and deployment models.

The purpose of this document is to describe CCCS’s Cloud Service Provider (CSP) Information Technology Security (ITS) Assessment Program. The objective of the CSP ITS Assessment Program is to assist Government of Canada (GC) departments and agencies in their evaluation of CSP services being...

"In This Edition Recent Approval of Two New Standards Recent Discussion on Physical Security Future Meeting Agendas September and December Contact Us "

"In This Edition Recent Approval of Two New Standards Recent Discussion on CEO Material Future Meeting Agendas May and September Contact Us "

This joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States. It highlights technical approaches to uncovering malicious activity and includes mitigation steps...

The purpose of this Information Note is to provide best practices and highlight security considerations when subscribing to services offered by managed service providers.

The purpose of this Information Note is to draw attention Doppelganger Campaigns and Wire Transfer Fraud.

The purpose of this Information Note is to draw attention to the top 10 IT security actions as recommended by CSE.

Government of Canada Announces New National Cyber Security Strategy and the Creation of the Canadian Centre for Cyber Security

"This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the UK and USA. In it we highlight the use of five publicly-available tools, which have been used for malicious purposes in recent cyber incidents around the world....

This document provides an update to the 2017 report released by CSE. Its purpose is to let Canadians know about the cyber threats to our democratic process in 2019.