Communications Security Establishment Canada

Mobile devices have spread rapidly across the Government of Canada (GC) corporate enterprise and while they boost productivity and efficiency, they significantly increase the risk of a compromise to sensitive information. To help mitigate this threat, Communications Security Establishment...

If you’re someone who is in a high-profile position, such as a politician or a senior executive, you need to protect the security of your mobile devices when you travel. Mobile devices contain sensitive information and they are high-value targets for cyber threat actors. If your device or the...

Learn how to protect them, and your information, from being compromised.

This bulletin aims to describe the risks posed by, and possible mitigations for, the exposure of classified IT systems to wireless signals and mobile devices that are not authorized to connect to those systems. The intended audience for this bulletin includes those responsible for IT security...

Telework is a flexible and convenient work arrangement that allows you to work outside of the traditional office environment. By remotely connecting to your organization’s network, you can continue to use applications and access information as though you were in the office.

The ITSP.40.006 v2 IT Media Sanitization publication contains guidance for IT Security for Practitioners and other IT security authorities to help reduce the risk of exploitation of residual data on IT equipment with electronic memory and/or data storage media. This guidance applies to data at...

Information Technology Security Guidance for Practitioners ITSP.30.031 V3 supersedes ITSP.30.031 V2 User Authentication Guidance for IT Systems and provides guidance on user authentication in IT systems. ITSP.30.031 V3 is also part of a suite of documents developed by CSE to help secure GC...

"This document is intended for elections authorities. It introduces common threats to Canada’s electoral processes and provides guidance on protecting the systems and the people involved in these processes. The guidance in this document is based on information gathered from various sources and is...

"This cyber security playbook guides elections authorities on anticipating, mitigating, and responding to threats that are specific to Canada’s democratic processes. This playbook introduces baseline cyber security measures and best practices that you can implement to improve your organization’s...

This document describes common concepts relevant to discussions about cyber threat activity in the Canadian context and acts as a point of reference for Canadian Centre for Cyber Security (Cyber Centre) publications. This introductory document provides baseline knowledge about the cyber threat...

Get the latest videos, infographics and sharable content to help you stay cyber safe.

Get Cyber Safe is a national public awareness campaign created to inform Canadians about cyber security and the simple steps they can take to protect themselves online.

CSAM Themes - shining a light on all the ways the internet allowed us to stay connected and find a new "normal" in our lives.

The 7 red flags you should check when you receive an email or text

How to protect yourself from phishing campaigns

This document outlines several best practices for controlling permitted applications on your systems.

ITSP.70.012 Guidance for Hardening Microsoft Windows 10 Enterprise is an UNCLASSIFIED publication, issued under the authority of the Chief, Communications Security Establishment (CSE). Suggestions for amendments should be forwarded to the Canadian Centre for Cyber Security’s Contact Centre.

This document provides guidance to system owners on implementing technical security measures to protect their domains from email spoofing. In this document, we describe technical measures that system owners can implement to prevent the delivery of certain malicious messages sent on behalf of...

This document outlines some of the actions that your organization can take to manage and control administrative privileges.

As a business traveller, you should carefully consider the potential risks of using a mobile device during your travel. A compromised device has the potential to allow unauthorized access to your organization’s network, placing not only your own information at risk, but also that of the...