Taming the Flood: Bringing Order out of Chaos in Your Security Data
Today’s security teams aren’t short on data – they’re overwhelmed by it. Logs stream endlessly from cloud platforms, endpoints, networks, identity systems, and hundreds of additional sources. Each promises insight. Collectively, they create noise. The stakes are rising fast: in 2025, the average cost of a data breach in Canada reached CA$6.98 million, a 10.4% […]
AI is the New Threat Surface
Why Canadian Organizations Must Rethink Cybersecurity in the Age of AI In June 2025, a single email compromised Microsoft 365 Copilot. The vulnerability, dubbed EchoLeak (CVE-2025-32711), required no clicks, no attachments, no user interaction whatsoever. The AI assistant simply processed the malicious email as part of its normal operation – and silently exfiltrated emails, documents, […]
AI+ vs. +AI: Building a Future-Proof AI Architecture
Artificial intelligence is reshaping how organizations modernize… but not all modernization is created equal. Consider this tale of two companies who pursued AI in different ways – and with different results. Once upon a time, two companies set out to modernize their operations with artificial intelligence. Both had the same ambition: to become faster, smarter, […]
ISA Cybersecurity Joins the Microsoft Intelligent Security Association (MISA)
ISA Cybersecurity today announced it has become a member of the Microsoft Intelligent Security Association (MISA), an ecosystem of software development companies and security services partners that have integrated their solutions with Microsoft Security technology to better defend our mutual customers against a world of increasing cyber threats. With Canadian enterprises and public sector organizations […]
Security Awareness: The Easiest, Smartest Cyber Investment You’re Not Making
Cybersecurity isn’t just an IT issue – it’s a business continuity and resilience imperative. With one in five malicious emails still making it past filters, human judgement is a critical control point. This challenge is only intensifying as cyber criminals are using AI tools to craft flawless, personalized phishing emails that may slip past traditional […]
Zero Trust: The Key to Modern Cybersecurity and Risk Management
In a world in which users, devices, and data can be anywhere, the old “protect the perimeter” approach to security no longer works. That’s why Zero Trust has become a critical component of any organization’s security maturity journey. By adopting a “never trust, always verify” philosophy, you can significantly enhance your defenses against sophisticated cyber […]
PromptLock – the first AI-powered ransomware strain
Security researchers at ESET have identified “PromptLock”, which they are calling the first known strain of AI-powered ransomware. While still a proof of concept with no observed active usage in the wild, PromptLock represents a disruptive shift in ransomware tactics: it dynamically generates malicious scripts via an LLM rather than delivering static malware code. This […]
Five Steps in Developing a Successful Bill 194 Compliance Business Case
Ontario’s Bill 194, Strengthening Cyber Security and Building Trust in the Public Sector Act, sets higher standards for cybersecurity, AI regulation, and privacy compliance for municipal governments and other public sector organizations across the province. But with budget challenges and competing priorities, securing the support for security enhancements may not be as straightforward as you […]
Six Steps to Take Before Running a Red Team Exercise
About the Author: Jason Thompson (CISSP, CISA, CRISC) – Senior Director, Offensive Security, ISA Cybersecurity Jason is a highly experienced and passionate Information Technology (IT) professional with over 20 years of experience in the field, 18 of those years in focused on IT security. Jason has proven skills in security assessments, risk management, security advisory, […]