Resources - CyberSecurity Training and Certification

CyberSecurity News

Splunk CVE-2026-20253: CVSS 9.8 Unauthenticated File Operations Flaw Puts Canadian Security Operations Centers at Risk — What to Do Now
F5 NGINX CVE-2026-42530 and CVE-2026-42055: Unauthenticated Code Execution Flaws Demand Emergency Patching — What Canadian Hosting Providers and Web Teams Must Do Now
Klue OAuth Breach: Icarus Extortion Group Steals Salesforce CRM Data From Multiple Organizations — What Canadian Enterprises Must Do Now
Cybersecurity Daily Brief — Thursday, June 18, 2026
Joomla JCE CVE-2026-48907: CVSS 10.0 Unauthenticated PHP Code Execution Added to CISA KEV — What Canadian Web Operators Must Do Now
Cisco Catalyst SD-WAN CVE-2026-20262: Another Active SD-WAN Exploit Hits CISA KEV — What Canadian Organizations Must Do Now
Mastra npm Supply Chain Attack: 144 Packages Backdoored via easy-day-js — What Canadian Developer Teams Must Do Now
Cybersecurity Daily Brief — Wednesday, June 17, 2026
Three Fortinet FortiSandbox Vulnerabilities Now Actively Exploited — What Canadian Security Teams Must Do Now
UNC6508: China-Linked Hackers Stole US and Canadian Defence and AI Research Data for Over a Year

From our blog

Security Metrics That Matter to Leadership

June 18, 2026

Learn which cybersecurity metrics actually matter to boards and executives in Canada — and how to report them with clarity and business context.

How to Write a Cybersecurity Policy That Actually Gets Used

June 17, 2026

Most Canadian organizations have a cybersecurity policy. Few have one people follow. Here is how to write one that works.

The CISRM Certification: Risk Management in Cybersecurity

June 16, 2026

The CISRM certification builds structured risk management expertise for Canadian GRC professionals aligned with ITSG-33 and CCCS frameworks.

What Is a Business Impact Analysis and Who Should Run One?

June 15, 2026

A business impact analysis identifies your critical functions and the real cost of losing them. Here is who runs it and why it matters for...

Third-Party Risk Management: A Practical Guide

June 12, 2026

Third-party breaches doubled in a single year. Here is how Canadian organizations build a vendor risk program that holds up.

How to Conduct a Cybersecurity Audit

June 11, 2026

A cybersecurity audit tells you whether your controls actually work. Here is a step-by-step guide for Canadian organizations.

Privacy Law and Cybersecurity: What Canadian Organizations Need to Know

June 10, 2026

PIPEDA requires security safeguards and breach notification. Quebec's Law 25 is fully in force. Here is what Canadian organizations need to know.

Data Classification: Why It Matters and How to Do It Right

June 9, 2026

Most Canadian breaches trace back to unclassified data. Learn how to build a data classification system that works — and why it starts with knowing...

What Is NIST CSF and How Do Organizations Use It?

June 8, 2026

Learn what NIST CSF 2.0 is, how its six functions work, and how Canadian organizations align it with CCCS guidance to manage cybersecurity risk.

How to Build a Cybersecurity Risk Framework From Scratch

June 5, 2026

Learn how to build a cybersecurity risk framework for your Canadian organization using CCCS and ITSG-33 guidance — from asset inventory to continuous monitoring.