The course prepares the
student for taking a lead role in the creation of a corporate cyber risk
management program within an organization. It covers the what, why, and how for effective cyber risk management using the CyberSecure Canada (CSC) certification program as a model. The international certification program Cyber Essentials Canada (CEC)
is also introduced and discussed. Both of these programs have a direct
progression to NIST 800-171, also discussed from the supply chain
certification requirement in class.
will find this a powerful addition to their portfolio of security and
risk management knowledge, and their certifications. It is also an
excellent way for a Governance, Risk, and Compliance executive to
better understand the process required to gain and maintain
certification for CSC, NIST, CMMC, ISO and other internationally
Why is it valuable for businesses to send employees on this course?
Having staff become a certified practitioner positions the organization to take full advantage of Canada's CyberSecure Canada certification program. This training certification equips students with practical knowledge of the CSC framework
for ongoing cybersecurity risk management. It also provides the
spin-off benefits of creating a competitive corporate business
advantage, as well as enhancing students’ professional career skills.
addition, attendees will leave the class fully prepared to start a
certification program for their own company, or for a client company. By
focusing on a particular organization of interest during the class, the
student will leave with a documented start to the CSC standard. This
also offers the perfect launching point to other standards as
organizational requirements grow.
Is this course valuable for SMBs and MSPs in the United States?
Yes! CSC is working with NIST and CMMC to ensure congruence between programs.
Department of Homeland Security's Cybersecurity and Infrastructure
Security Agency (CISA) has announced Cyber Essentials as a guide for
small businesses in the United States. In addition, Cyber Essentials is
aligned with NIST 800-171, which is aligned with the emerging Cybersecurity Maturity Model Certification (CMMC).
There is a clear progression from Cyber Essentials, through CyberSecure
Canada, through NIST 800-171 and standards beyond in terms of
cybersecurity value for organizations with stakeholder requirements such
as supply chain and business contracts.
Who should take this course?
Managed Service Providers (MSPs) and in-house employees will find this
course especially valuable as they lead the organization towards
certification in the CSC or other programs.
Registrants are expected to meet the following prerequisites to attend this course:
• Working level understanding of networking concepts;
• Working level understanding of Windows operating system concepts;
• Cybersecurity management experience is an asset;
Have (or are seeking) a position with responsibility for IT
architecture, security, operations, or GRC (Governance, Risk, &
Compliance) within a business.
What subject areas are covered?
course covers the governance and technical subject areas required in
order to obtain CSC certification. This includes a review of the CyberSecure Canada certification
program, discussion related to the 5 Organizational Control Areas
(Organization size, certification scope, etc.), and review of the 13
Technical Control Areas (Incident Response Plan, System Patching, Strong
User Authentication, etc.).
How is the course structured?
2-day course, previously conducted in a live in-person meeting place,
is now held online via instructor led screen sharing sessions.
Collaborative hands-on exercises are built into the agenda to
familiarize the student with the Certification Portal tool.
This also maximizes student engagement and knowledge retention by
providing the opportunity for sharing experiences, knowledge, and
Each of 13 CSC control areas
will be covered in detail, with periods for open discussion and Q&A.
The course will end with a 45 minute final exam, which students will
need to pass with a mark of 70% in order to complete the course and
Frequently Asked Questions
What are my transportation/parking options for getting to and from the event?Due to Covid-19 concerns, this event is now conducted online.
What should I bring into the event?
it is in accordance with your organization's security policies, it will
also be helpful for you to have soft copies of your security policies
for reference during exercises. For businesses that do not have
formalized policies, or students who can not bring them, we will provide
sample policy templates for reference purposes.
What's the refund policy?
are available until 30 days prior to class commencement, however
enrollment is transferable right up to the start date/time of the class.
Can I update my registration information?
Yes. If you need to update your registration information, please contact Watsec at firstname.lastname@example.org.
Is my registration fee or ticket transferable?
A paid registrant may transfer their ticket to another individual,
provided the original registrant contacts the organizer with proof of
their registration, and provides the name and contact details for the
new individual who will be attending.
Who developed the course?
This revised version of the course was developed by Waterloo Security Ltd., in collaboration with CE Canada, Watsec Cyber Risk Management (WaterlooSecurity Ltd.) is a CyberSecure Canada and Cyber Essentials Canada accredited Certification Body.