Top 10 IT Security Actions
The Government of Canada has a critical role to play in protecting the information of Canadians. Without proper IT security measures, your department is vulnerable and at risk of compromise. Stolen information, damaged reputations, and lost resources are scenarios that no department wants to face.
CSE’s advice and guidance will help you build a strong IT infrastructure and protect your networks. Our Top 10 IT Security Actions were selected and prioritized based on our analysis of cyber threat trends affecting Internet-connected networks. When implemented as a set, the Top 10 help minimize intrusions or the impacts to a network if a successful cyber intrusion occurs.
"As a community, we work together to secure and protect Government of Canada networks. By being proactive and adopting the Top 10, we can all benefit from the proven security measures."
Ron Parker, President of SSC
"CSE’s Top 10 are smart, practical actions that any department can implement. They work, and provide a lasting impact. There’s just too much at stake not to do them."
Yaprak Baltacioglu, Secretary of TBS
Implementation of the Top 10 will result in eliminating the vast majority of cyber threats.
- Consolidate, monitor and defend internet gateways*
- Patch operating systems and applications
- Enforce the management of administrative privileges
- Harden operating systems and applications
- Segment and separate information
- Provide tailored awareness and training
- Protect information at the enterprise level
- Apply protection at the host level
- Isolate web-facing applications
- Implement application whitelisting
*Government of Canada to use Shared Services Canada Internet Gateways.
Want to know more?
Learn more about our new Top 10 for everyone:
ITSM.10.189–Top 10 IT Security Actions to Protect Inter-Connected Networks and Information
For GC departments, continue to follow:
ITSB-89 v.3 – Top 10 IT Security Actions to Protect Government of Canada Internet-Connected Networks and Information
- ITSB-89 v.3: The Top 10 IT Security Actions to Protect Government of Canada Internet-Connected Networks and Information
- ITSB-94: Managing and Controlling Administrative Privileges
- ITSB-95: Application Whitelisting Explained
- ITSB-96: Security Vulnerabilities and Patches Explained
- ITSB-66: Cyber Security Risks of Using Social Media
- ITSAP-00-100: Spotting Malicious E-mail Messages
- ITSM.10.189: Top 10 IT Security Actions to Protect Inter-Connected Networks and Information
- Cyber Journal 8
- Cyber Journal 9
- Cyber Journal 12
Please contact the ITS Client Services Team.