Cyber Security Technical Advice and Guidance
The Canadian Cyber Incident Response Centre (CCIRC) provides a range of guidance documents, security bulletins, and technical reports related to cyber security issues.
Cyber Security Bulletins
CCIRC issues alerts and advisories to communicate information about potential, imminent or actual threats, vulnerabilities or incidents affecting Canada's critical infrastructure. Both may contain information and analysis not readily available in the public domain. Recipients are encouraged to consider the real or possible impact on their organization of the information presented in alerts and advisories, and to take appropriate action.
CCIRC technical reports and information notes provide detailed information and mitigation advice for specific cyber security issues.
Technical Cyber Security Best Practices
In response to persistent cyber security challenges, CCIRC has developed a suite of technical best practice guidelines to assist security professionals.
Our most requested tools include:
- Top 4 Strategies to Mitigate Targeted Cyber Intrusions
- Malware Infection Recovery Guide
- Mitigation guidelines for Denial-of-Service Attacks
- Mitigation guidelines for Advanced Persistent Threats
- Recommended best practices for Industrial Control Systems (ICS)
- Remaining Cyber Safe While Travelling
Reference Documents and Research Reports
The following reference documents have been developed by Public Safety Canada's National Cyber Security Directorate.
The executive summaries below outline research reports produced for Public Safety Canada. For the complete report, please submit a request through our General Inquiries service.
- Report on Establishing a Canadian SCADA Portal;
- Guidance for Building a Business Case for SCADA Security
Industrial Control Systems (ICS) Security Workshops and Training
Public Safety Canada's Industrial Control Systems (ICS) Security workshops bring together recognized experts along with representatives from the federal Government to provide briefs on the latest threats and steps that can be taken to increase the security of industrial control systems. The workshops are open to representatives from the critical infrastructure, provincial governments and academia. The training is lecture style but technical in nature and takes place at the intermediate to advanced level.
Public Safety Canada's Industrial Control Systems (ICS) Security training is focused on the development of basic incident handler skills for the ICS environment. The training is hands-on using real tools and targets. Participants will be expected to have a basic to moderate level of computer security training and proficiency within an incident response and/or network environment.
Other Cyber Security Organizations
CCIRC works with many Government organizations to mitigate cyber threats to vital systems outside the federal government.
Internationally, CCIRC stays in close contact with its counterpart Computer Security Incident Response Teams (CSIRT) and centers for critical infrastructure protection who produce a range of guidance documents and technical reports:
- United States - Computer Emergency Readiness Team: Publications
- United Kingdom - Centre for the Protection of National Infrastructure: Cyber Security
- Australia - Computer Emergency Response Team: Publications
- New Zealand - National Cyber Security Centre: Useful Resources
CCIRC Community Portal
The CCIRC Community Portal provides a common collaboration tool for organizations that are part of Canada's critical infrastructure sectors. CCIRC uses this portal to share its most recent documents and publications with its partners. In turn, partners have the option of posting documents of their own, and can also use this portal to report cyber incidents to CCIRC. For more information please contact CCIRC.
- Date modified: