Internal Banner Background Red Wavy Shape


Cyber Essentials Canada Expands Partnership to West Coast

7 April 2019 | by Megan Henwood


Cyber Essentials Canada is pleased to welcome as the newest Managed Service Provider in our partner network. is certified under the highest level of the Cyber Essentials Canada certification.


About Our Newest Partner provides businesses IT Solutions that “improve productivity, scalability, and security with less time and capital.” Primarily working with companies in Ontario, Alberta and British Columbia, they offer a wide range of solutions including hardware as a service, IT strategy and support, security assessments, data centres, and more.


F12  and about 200 employees in 9 locations across Canada, are working hard to ensure clients receive quality services and support. F12 understands that many organizations might not have the time and resources to develop, implement and maintain IT solutions so F12 encourages their clients to focus on their business and let them manage their IT.


Visit their website here.


Service Offerings

F12 has a variety of service offerings designed for  organizations with between 20 and 300 employees. A few to touch on are F12 Select, F12 Plus and F12 Secure. By implementing any of these offerings, your organization is one step closer to achieving compliance for the Cyber Essentials Canada certification.  


F12 Select is for businesses who value cost management over simplicity and whose owners want lower  operational expenses. In this program, businesses acquire their own hardware, and engage F12 to manage their organization’s IT services. This program is best suited for Small and Medium Enterprises (SMEs).


F12 Plus is a robust service offering combining hardware, software, IT support and cloud services in one. F12 Plus is a truly cost-effective package, bringing multiple aspects of IT together in a standardized and affordable bundle. F12 will make the upfront investment of hardware, software and labour, and they will work with your organization to add technology and/or services as needed. This program is best suited for organizations that prefer a simple way to scale without investing capital or credit in technology infrastructure.


F12 Secure offers security services to companies with 20-300 people. With ongoing monitoring and maintenance, F12 Secure is a preventative measure to protect a business’s Return on Investment (ROI). With F12 Secure, you receive risk assessments, ongoing threat detection, identification of security gaps, and an expert’s recommendations to mitigate cyber risk. Should your company suffer a breach, F12 is there to help recoup losses and get your business back on track as soon as possible.


Interested in more information? Visit here for all of F12’s  product offerings.


Our Collaboration

Much like Cyber Essentials Canada, F12 has your organization’s security in mind.  With F12 now partnered with Cyber Essentials Canada, your organization can achieve cyber resilience much easier, and faster.


F12’s guidance and managed services prepares your organization to meet compliance for the Cyber Essentials Canada certification by addressing any gaps and/or weaknesses before registering for certification.


Furthermore, adding yet another efficiency for your businesses, F12 will work with your organization to achieve your Cyber Essentials Canada certification. F12 will respond and provide evidence of your organization’s compliance on our monitoring toolset, The Cyber Highway, to ensure your certification processes fully managed, and non-resource exhaustive.


Visit today to learn more about their products and ask about the government backed cybersecurity certification program, Cyber Essentials Canada.

add a comment
Subscribe to this Blog Like on Facebook Tweet this! Share on Google+ Share on LinkedIn

28 February 2019 | by Megan Henwood

Valentine’s Day Has Come and Gone, But the Love for Our Certification Bodies Still Lives On!

What is Cyber Essentials Canada?

Cyber Essentials Canada is the only government backed cybersecurity standard in Canada. By offering a certification standard, small and medium-sized enterprises (SMEs) in any industry can now implement a cost-effective digital security solution to protect their business against internet crime.


How do I get certified?

Cyber Essentials Canada has made the process of meeting baseline cybersecurity standards seamless. For your business to become certified all you must do is sign up at for the online toolset, The Cyber Highway. Next, you’ll complete Journey Statements, which refer to a series of questions based on your business’ cyber hygiene, which means the steps and/or processes your business has in place to protect your business online.


For more information on how to become certified, click here


So, what is the Certification Body’s role in certifying?

Once the Journey Statements are complete, the company submits for certification. This is where our Certification Bodies come into play. For the Cyber Essentials Canada Basic certification, the Certification Body reviews the Journey Statements submitted and recommends for certification, or recommends actions for security gaps. If your business wishes to be Cyber Essentials Canada Plus certified, the Certification Body will arrive onsite at your business location to perform a vulnerability test of your networks to ensure all important vulnerabilities related to the CE Canada standard have been resolved.


For more information regarding the vulnerability assessment criteria, contact us.


Our Certification Bodies have the skills and expertise to ensure your information and intellectual property are protected.


Who are the Cyber Essentials Canada Certification Bodies?

Cyber Essentials Canada has selected three certification bodies to assist in the certification process, accredited under our program, they are available to preform assessments on our behalf. 


Bulletproof is a managed service provider, offering their customers IT security and consultancy services. Based out of Fredericton, New Brunswick, Bulletproof seeks to deliver “Strategic IT solutions with security at the forefront” to businesses of all sizes. They aim to offer solutions that are cost effective to allow any organization to compete with the bigger players. The focus on better security, superior customer satisfaction as well as growing your business through technology.  


For more information on Bulletproof, visit their website here!


Based in Waterloo Ontario, Watsec is transforming traditional security tools and processes into complete cyber risk management programs for both domestic and international companies. They are accredited as a Cyber Essentials Canada Certification Body, which permits Watsec to conduct formal Cyber Essential Canada certifications for companies world-wide. Their unique Intelligent Cyber Resilience (ICR) program delivers practical action plans for managing cyber risk scaled appropriately for the size and type of organization. With the guidance of their risk management specialists, clients are well prepared for today’s complex cybersecurity challenges.


For more information on Watsec, visit their website here


CGI, a large IT provider based out of Montreal, Quebec is also one of Cyber Essentials Canada’s Certification Bodies. CGI is an IT and business consulting services firm. They provide end to end IP based solutions, offering their customers industry expertise and value add services. Their solutions are available worldwide, operating out of more than 100 sites globally. Although the have a large presence, they maintain personable relationships with their clients to ensure customers feel taken care of.


For more information on CGI, visit their website here!


These three exceptional organizations are the beginning of Cyber Essentials Canada’s Certification Body network. They are an essential part of the certification process, offering our clients the ability to become cybersecure.


Want to add your organization’s name to the list? Have your logo on our website, and be part of this growing network of companies protecting Canada’s digital economy? Start your Cyber Essentials Canada certification journey today by clicking here!


Once you have submitted for certification, connect with Cyber Essentials Canada to learn about the opportunities you can have as a Certification Body!



add a comment
Subscribe to this Blog Like on Facebook Tweet this! Share on Google+ Share on LinkedIn

4 February 2019 | by Megan Henwood


Why Your Small/Medium Business Can’t Afford to Ignore Cybersecurity!


Small and medium businesses are now the targets of cybercriminals. Meaning, many small businesses who suffer from these attacks may not recover, as the cot of these attacks can be devastating to their reputation, not to mention the cost of these breaches have severe impact to revenue. Even further, privacy laws in Canada changed in November 2018, which now require all privacy breaches to be reported to the Privacy Commissioner.


Protecting your business against cybersecurity threats is critical to protecting your Intellectual Property (IP), your customers’ data, your employee data and quite frankly your bottom line. There is good news though, so let’s dig in so that you can get the information you need, to do just that – protect your business.


So, what is cybersecurity?

Cybersecurity means being protected against unauthorized use of your electronic data, and the resources used to protect against cyber-attacks. To become ‘cybersecure’, software and technologies are often implemented within an organization.


Why does this apply to my small to medium sized enterprise?

Cybersecurity is important for organizations of all sizes. Learning about cybersecurity best practices and promoting awareness across the organization increases revenue, business productivity, protects your IP and builds trust.


Cybercriminals often focus on Small and Medium Enterprises (SMEs) because they know SME’s often don’t have the resources – human or financial – to employ cybersecurity professionals. While small, you don’t have to be a target. There are managed service providers to help you at reasonable costs. In addition, there is a cost-effective certification that you can adapt.


Taking the right steps to protect your IP and your customer data is critical. The new Digital Privacy Act legally requires all organizations who suffer a data breach to report it. Depending on the severity, fines and notification of the breach to clients may be required. Demonstrating that you have gone through cybersecurity certification will help to prove that you are taking the right steps to protect your data. It might also make you eligible for cybersecurity insurance.


Five Critical Areas to Focus on For Results:

There are five essential controls that are recommended to implement for an organization to mitigate common internet threats. The following are:


  1. Boundary Firewalls and Internet Gateways: A firewall can be either software, hardware, or both. A firewall is a network security device that decides whether to allow or block specific traffic based on a defined set of security rules.
  2. Secure Configurations: Employees should only have access to the tools they need to do their jobs. Your company should create strong password protocols for logging into their systems (e.g. actually enforcing the use of ‘strong’ passwords.)  Never stick with default passwords, they may be easy to remember, but they are easy to crack!
  3. Access Controls: This is a way to minimize the risk of unauthorized access to the company network and systems. Users should have reasonable but minimal privileges on their personal accounts. Only those who require administrative privileges should have admin-level accounts.
  4. Patch Management: This is an update to a program that is designed to fix, or improve it. This also includes security issues. By staying up to date you can prevent cyber criminals from taking advantages of known vulnerabilities in the program. Companies will offer patches for licensed users to update their software.
  5. Malware Protection: This is another layer of protection for an organization, and it can perform daily scans to make sure systems are secure. Malicious software has a way of creeping into our devices. Malware protection scans, detects, and eliminates malware ensuring that there is nothing slipping through the cracks.


Don’t let the fear of not knowing what to do stop you from protecting your business. There are many cost-effective ways to help you mitigate the threats of cybercriminals.


Connect with us at to help you find the right solution for your organization!




add a comment
Subscribe to this Blog Like on Facebook Tweet this! Share on Google+ Share on LinkedIn

January 17, 2019 | by Megan Henwood


How to Reduce Your Cyber Risk through Managed Service Providers

Cyber Essentials Canada’s network of trusted partners all share a mandate to ensure every Canadian organization can be better equipped in this ever-changing digital economy. Watsec, an accredited Certification Body and Practitioner under the CE Canada framework, has developed a Certified Cyber Essentials Canada Practitioner course to allow companies across Canada to equip their staff with a deeper understanding of cybersecurity, as well as to better understand the Cyber Essentials Canada program. 


Reducing Cyber Risk

Watsec is a cyber risk management firm located in Waterloo, Ontario. Watsec has many years of experience specializing in assessing cyber risk, and believes that the most effective way to manage cyber risk is by addressing both the technology andhuman factors. In recent years, studies published independently by Online Trust Alliance and Voke Media found that over 80% of security breaches could have been prevented by using more effective IT security practices such as systematic patching and comprehensive IT system configuration. Employing such practices, plus educating IT staff on better ways to secure the infrastructure is a powerful combination. It enables network managers and Managed Service Providers (MSPs) to better reduce risk from accidental and deliberate security breaches, therefore saving the company money and reputation.


To learn more about Watsec and their Cyber Essentials Canada Practitioner course visit


So, how can we manage our cyber risk? 

Watsec’s training program, Certified Cyber Essentials Canada Practitioner, is focused on educating the IT employees of companies and MSPs (Practitioners) on effective cyber risk management techniques and behaviour. The course prepares attendees to take a leading role in the creation of a corporate cyber risk management program within an organization. This course is especially valuable to IT staff of MSPs as it covers the what, why, and how to effective cyber risk management using the Cyber Essentials Canada (CE Canada) Certification.


This course will cover the key governance and technical subject areas for which the business must meet security requirements to obtain CE Canada's CE or CE Plus certifications. This includes general background on CE Canada Certification and the CE Canada Code of Ethics, as well as technical requirements for the 5 Cyber Essential control areas; Boundary Firewalls & Internet Gateways, Secure Configuration, User Access Control, Malware Protection, and Patch Management. 


To learn more about the Cyber Essentials Canada certification journey or to sign up today visit


Why should we send our IT staff to this course?

Having key IT staff become Certified Cyber Essentials Canada Practitioners (CCECP) positions the organization to take full advantage of CE Canada’s CE and CE Plus certification programs. This training certification will equip students with practical knowledge of the CE Canada framework for ongoing cybersecurity risk management. It also provides the spin-off benefits of creating a competitive corporate business advantage, as well as enhancing students’ professional career skills.


And, who is recommended to take this course?

Registrants are expected to meet the following prerequisites to attend this course:

•    Have a working level understanding of network concepts;

•    Have a working level understanding of Windows or Linux operating system concepts;

•    Have at least 12 months technical experience in IT management, maintenance and servicing for an enterprise;

•    Have (or are seeking) a position with responsibility for IT architecture, security, or operations within a business.


Manage your cyber risk today. Enroll in the Watsec Certified CE Canada Practitioner course and reduce your risk immediately by educating your employees in effective cyber security risk management tools and practices. 


For more information, visit, OR register here for this exclusive offering.



Subscribe to this Blog Like on Facebook Tweet this! Share on Google+ Share on LinkedIn

December 19, 2018 | Megan Henwood


How to Achieve Business Continuity


For many business owners, business continuity is the most important aspect of their operations. How do we keep the lights on and maintain productivity under any circumstance? As cybercrime rises for Small and Medium Enterprises (SMEs), the opportunity for business continuity to falter increases.


Cybercrime is not reserved for the big guys

There are many factors that can contribute to the slowdown of performance or complete halt of operations, many of which business owners have little control over, issues with distributors, market fluctuations, political factors etc. However, with an economy that lives online one area where business owners can mitigate risk is through cybersecurity. There is an assumption within the SME world, that cybercrime is reserved for the big guys. Most criminals seek to find vulnerabilities within large corporations to secure large payoffs. However, this is no longer the case. Online crime has shifted to SME’s. Multinationals have an easy in through these SMEs, which do not have the means to implement robust systems to protect their assets. Instead of weeding through multinationals, hackers look to low hanging fruit, the SMEs; an easy way in, and quick gains for these criminals.


A large percentage of Canadian enterprises are of SME size and enormous contributor for our economy. Employing much of our skilled workforce, offering diverse products to their customers, and stretching their brands across the globe, SME’s are a backbone moving our economy forward. SME’s hold valuable intellectual property that is growing more vulnerable as cyber-attacks increase.


New partner spotlight: SourcetekIT

SourcetekIT understands the importance of creating a safe economy for Canadian businesses. Offering IT and cybersecurity services to a wide range of Canadian customers to ensure their operations and intellectual property are protected. SourcetekIT is a reliable Managed security Service Provider (MSP) in Canada, so much so that Tech Data Canada, a large multinational specializing in IT products and services, has chosen SourcetekIT to be their exclusive provider of Managed Security Operations Centre (SOC) services through their 5,000 channel partners across the country.


SourcetekIT’s SOC service is cloud based, and operates on a flexible monthly subscription models so business owners do not have to worry about implementing additional infrastructure. This is an ideal solution for SME’s who do not have the resources to improve the security posture of their organization by implementing a dedicated security monitoring solution. SourcetekIT understands the importance of business continuity which is why they have developed this new market offering. Cloud based SOC services allows business owners to mitigate risk in an accessible, cost effective manner. With a large partner network throughout the country, it is likely that your business is already working with an MSP who has access to SourcetekIT’s new service offering.


So, how do you actually achieve business continuity?

Cyber Essentials Canada understands the importance of business continuity; therefore, we have partnered with SourcetekIT to offer business Cyber Essentials Canada certification alongside SourcetekIT remote SOC service. Any organization that signs up for SourcetekIT’s managed SOC services is automatically Cyber Essentials Canada certified. CEC is a government backed cybersecurity certification program, available in both official languages, offering baseline standards to mitigate against 80% of common internet threats. CEC focuses on 5 key controls that instill awareness of cybersecurity best practices and create a corporate culture based on cybersecurity policies and procedures. This allows businesses to be educated on cybersecurity and move towards a model that ensures business continuity. Cyber Essentials Canada will also work with you to map to other cybersecurity certification programs if needed, such as: NIST and ISO 27001. With a SOC and CEC certification, businesses will be protected against cybercrime, have a badge of trust and due diligence to show their customers, and be up to date with new legislation surrounding procurement and data privacy. Most importantly these offerings allow business operations to move smoothly without interruptions from ongoing security attacks. Side by side these offerings are optimal for businesses across the country, creating an economic culture of safe operations.


How do I get started?

Reach out to your current service provider and discuss remote SOC services through SourcetekIT, or reach out to thousands of channel partners, and end-customers through these channel partners offering their services. The subscription is cost effective, fully managed and flexible.


For more information check out and 



Subscribe to this Blog Like on Facebook Tweet this! Share on Google+ Share on LinkedIn

14 December 2018 | by Megan Henwood


A Collaboration to Protect Canada's Digital Economy


When creating a successful business in a thriving industry-ecosystem, a key factor is partnership. Partnership and collaboration are necessary for businesses to reach new markets, spread across sectors, and grow their operations. Businesses methodically choose their partners based on their goals and objectives, selecting those that will help them achieve initiatives and create lasting relationships with their customers. Cyber Essentials Canada (CEC) understands the importance of collaborating with Canadian associations to reach our vision of creating a safe and prosperous economy. Therefore, we have recently collaborated with the Canadian Chamber of Commerce, an organization that aims to promote cyber hygiene and protect Canadians and their businesses from future cybercrime.


The Canadian Chamber of Commerce seeks to connect businesses across the country of all sizes and industries to create a competitive and prosperous economy. As the largest business association in the country with over 450 local chambers / boards of trade that represent and connect over 200,000 businesses, they work to on behalf of businesses across Canada to help ensure the success and growth Canadian business.


The partnership between Cyber Essentials Canada (CyberNB) and the Canadian Chamber of Commerce will serve to educate Canadian businesses on the importance of cybersecurity, in an ever-growing digital world. How to protect their intellectual property, be part of a more secure and resilient supply chain, and to protect customer-data. Members of the Canadian Chamber of Commerce will now have access to the only government-backed, fully managed cybersecurity certification program in the country. The CEC certification program helps mature a business’ cybersecurity policies through monitoring and measuring current practices. Cybercrime is not exclusive to large companies; because of the growing number of attacks on SME’s across all industries, CyberNB sought to bring a certification program to the market that would be accessible for all Canadian businesses, create baseline best practices, and protect against over 80% of common online threats.


The Cyber Essentials Canada certification program was launched by CyberNB, a special operating agency of Opportunities New Brunswick (ONB), in January of 2018. ONB is the provincial economic development agency for the province of New Brunswick. Noticing an existing cybersecurity ecosystem in the province, ONB sought out to build a comprehensive strategy to build on the existing cluster and fill future workforce gaps in the industry. CyberNB was created to carry out economic development initiatives in the critical infrastructure protection sector. CyberNB launched Cyber Essentials Canada to offer the country a standard of security practices and a badge of trust to offer customers once they have moved through the program. The program is accessible for all businesses whether you are a small or medium business looking to meet cyber standards affordably, or a large enterprise looking to reduce vulnerabilities and ensure continuity within your supply chain. Without exhausting your resources, the CEC program can meet your needs.


The CEC program comes in two forms, CEC basic and CEC+. Members of the Canadian Chamber of Commerce can now access the CEC program at a 25% discount. This discount is exclusive to Canadian Chamber of Commerce local Chambers and their members; another way the Canadian Chamber of Commerce is showing businesses across the country that they are here to benefit your business. Once a business, or local Chamber, signs up for the certification program, they will fill out a series of statements online through the online platform, outlining their current cybersecurity practices. These include items such as firewall software, password policies, malware protection etc. Once your journey on the platform is complete, a third-party Certification Body will review your statements accredited under the Cyber Essentials Canada program. The Certification Body will review your responses and supporting evidence, identify your gaps, and provide a series of recommendations - unless you have been able to demonstrate full compliance and are ready to receive your badge of compliance. Once you receive your badge, share it proudly with your customers; display it on your website and marketing collateral, to show that you have taken the proper measures to protect your customers’ data. If you decide to continue the journey to Cyber Essentials Canada+ (Plus) the Certification Body will perform onsite vulnerability testing, for an additional, industry-standard fee.


Signing up for the Cyber Essentials Canada program is seamless and easy; chambers and their members have their own login page which automatically applies a 25% discount from the registration cost of $1,750.00 (CAD +applicable taxes.)


For more information, Cyber Essentials Canada is encouraging Chambers to review materials provided by the Canadian Chamber of Commerce or reach out to the Chamber directly. The CEC team is also here to provide support and answer questions.


We urge Chambers to reach out to their membership. share the news of the CEC program, and assist them in signing up to be certified. We are excited about this new partnership between Cyber Essentials Canada and the Canadian Chamber of Commerce, and look forward to working together to create a more safe and secure Canadian economy.




Subscribe to this Blog Like on Facebook Tweet this! Share on Google+ Share on LinkedIn

25 October 2018 | by Megan Henwood


About Cyber Essentials Canada


In the defence sector, companies are under constant threat of potential cyber attacks. Vulnerabilities within an organization can result in loss of productivity and revenue, compromise intellectual property, and cost a company the trust of its customers. Governments around the world are taking it a step further and requiring venders to have cybersecurity standards in place before working with public departments, or imposing fines on groups who suffer a breach and do not have preventative cybersecurity measures in place. 


Primes already know this, most have taken the measures to become NIST or ISO 27001 compliant. But, what about the supply chain? We commonly think cyber crime is aimed at large organization, but, the risk is now shifting to small and medium enterprises (SME). A prime’s supply chain can comprise of hundreds of SME’s, that may not have the means to mitigate risk. A growing number of primes have suffered from a cyber attack through a vulnerability in their supply chain, causing negative social media, and dissatisfaction from customers. So how do primes close the gaps in their supply chain?


Cyber Essentials Canada is the only government backed, government owned cybersecurity certification program. CEC is a cost effective solution aimed at helping SME’s achieve baseline standards to protect against the most common cyber threats. Being a fully managed solution, CEC is not resource exhaustive on suppliers, the process is seamless and easy, with the support of the CEC Success Team.


For more information on how to mitigate risk, or to start the certification journey, visit 



Subscribe to this Blog Like on Facebook Tweet this! Share on Google+ Share on LinkedIn

Cyber Essentials PLUS Program Logo

View our Certification Options