Top 10 IT Security Actions
The Government of Canada has a critical role to play in protecting the information of Canadians. Without proper IT security measures, your department is vulnerable and at risk of compromise. Stolen information, damaged reputations, and lost resources are scenarios that no department wants to face.
CSE’s advice and guidance will help you build a strong IT infrastructure and protect your networks. Our Top 10 IT Security Actions were selected and prioritized based on our analysis of cyber threat trends affecting Government of Canada Internet-connected networks. When implemented as a set, the Top 10 help minimize intrusions or the impacts to a network if a successful cyber intrusion occurs.
"As a community, we work together to secure and protect Government of Canada networks. By being proactive and adopting the Top 10, we can all benefit from the proven security measures."
Ron Parker, President of SSC
"CSE’s Top 10 are smart, practical actions that any department can implement. They work, and provide a lasting impact. There’s just too much at stake not to do them."
Yaprak Baltacioglu, Secretary of TBS
Implementation of the Top 10 will result in eliminating the vast majority of cyber threats currently seen active in GC networks.
- Use Shared Services Canada (SSC) Internet gateways
- Patch operating systems (OSs) and applications
- Enforce the management of administrative privileges
- Harden Operating Systems (OSs)
- Segment and separate information
- Provide tailored awareness and training
- Manage devices at the enterprise level
- Apply protection at the host level
- Isolate web-facing applications
- Implement application whitelisting
Want to know more?
Read the full list of the Top 10 IT Security Actions here.
- ITSB-89 v.3: The Top 10 IT Security Actions to Protect Government of Canada Internet-Connected Networks and Information
- ITSB-94: Managing and Controlling Administrative Privileges
- ITSB-95: Application Whitelisting Explained
- ITSB-96: Security Vulnerabilities and Patches Explained
- ITSB-66: Cyber Security Risks of Using Social Media
- ITSAP-00-100: Spotting Malicious E-mail Messages
- Cyber Journal 8
- Cyber Journal 9
Please contact the ITS Client Services Team.