Zero Trust: The Key to Modern Cybersecurity and Risk Management
In a world in which users, devices, and data can be anywhere, the old “protect the perimeter” approach to security no longer works. That’s why Zero Trust has become a critical component of any organization’s security maturity journey. By adopting a “never trust, always verify” philosophy, you can significantly enhance your defenses against sophisticated cyber […]
PromptLock – the first AI-powered ransomware strain
Security researchers at ESET have identified “PromptLock”, which they are calling the first known strain of AI-powered ransomware. While still a proof of concept with no observed active usage in the wild, PromptLock represents a disruptive shift in ransomware tactics: it dynamically generates malicious scripts via an LLM rather than delivering static malware code. This […]
Five Steps in Developing a Successful Bill 194 Compliance Business Case
Ontario’s Bill 194, Strengthening Cyber Security and Building Trust in the Public Sector Act, sets higher standards for cybersecurity, AI regulation, and privacy compliance for municipal governments and other public sector organizations across the province. But with budget challenges and competing priorities, securing the support for security enhancements may not be as straightforward as you […]
Six Steps to Take Before Running a Red Team Exercise
About the Author: Jason Thompson (CISSP, CISA, CRISC) – Senior Director, Offensive Security, ISA Cybersecurity Jason is a highly experienced and passionate Information Technology (IT) professional with over 20 years of experience in the field, 18 of those years in focused on IT security. Jason has proven skills in security assessments, risk management, security advisory, […]
AI: Fact, Fiction or Function
Currently, one of the biggest discussion points regarding artificial intelligence (AI) revolves around the basic understanding of what AI really can and can’t do. Opinions on AI run the gamut from claiming that AI is incapable of doing things that it clearly can, to ascribing capabilities to it that are beyond current technology. Here, we […]
The Eight Essential Steps in Building your AI Data Governance Strategy
As Artificial Intelligence (AI) becomes a key aspect of how most organizations operate, Canadian companies need to pay close attention to how AI and data management work together. While appropriate governance is essential, it may be hard for organizations to see how to get started on a cohesive plan. As experts in the field of […]
Cyber Risk Calculators are Broken: Here’s Why
The metaphor of a “broken risk assessment calculator” in cybersecurity is an apt one, as it highlights several key deficiencies in the current approach to cybersecurity risk assessment in Canada and abroad. In this article, we analyze some of the limitations of the current approaches, and explore ways you can get a more realistic handle on […]
Securing the Human Threat Surface: 5 Proactive Cyber Strategies for Canadian Business
More than ever, cyber criminals are focusing on the human attack surface for financial gain. Protecting the organization by educating employees on risks and threats has become a critical concern for organizations across Canada, especially in key sectors like healthcare, finance, energy, and critical infrastructure. Cyber criminals are increasingly targeting employees and executives as the […]
Key Considerations for your AI Data Governance Strategy
AI data governance is critical for compliance, data protection, and trust, addressing risks like data breaches, regulatory issues, and bias.