Cybersecurity and data protection: Prepare, detect, notify and report
Cyberthreats and data breaches can cause significant monetary and reputational damage. The revised Personal Information Protection and Electronics Documents Act (PIPEDA) imposes fines up to $100,000 on Canadian businesses that fail to properly notify consumers and the Privacy Commissioner of data breaches. Organizations that are prepared for these security incidents will stand to reap the lion’s share of the benefits, including reduced financial and reputational risks, greater competitiveness, and increased awareness.
In Cybersecurity and Data Protection: Technology Spotlight, Claudiu Popa, CISSP, CIPP, CISA, provides an overview of the impacts from cybersecurity incidents and practical countermeasures for common security risks.
Key tips include:
- create ongoing cyber awareness education and training for employees
- leveraging various tools to detect potential security incidents
- how to carry out periodic tests on your organization's security infrastructure
CPA Canada is committed to promoting awareness and understanding of cybersecurity risks. Examples of other resources include publications on developing a risk management program and disclosure practices for cybersecurity and a cybersecurity bulletin for directors, as well as webinars on how to manage cybersecurity risks.