1 in 5

Canadian businesses

were impacted by a cybersecurity incident in 2019[1]

$6.35 million

an estimated average cost

of a data breach in Canada[2]

56%

of customers

express frequent interest and concern in the cybersecurity posture of organizations they do business with[3]

Resources

CSA Group standards, research, policy briefs, and other resources

Leverage the resources CSA Group and its volunteer members developed to provide you with information, guidance, best practices, and requirements to help organizations improve cybersecurity of their systems, practices, and products.

Research report

Intelligent Building Systems and Workplace Privacy

Research report

Intelligent Buildings: Layout and Relevant Standards

Research report

Information and Communication Technology Infrastructure (ICTi) in Buildings

Article

How cyber-mature are your products and organization?
Read the article

CSA/ANSI T200:22

Evaluation of software development and cybersecurity programs

Get Standard

CAN/CSA-ISO/IEC 15026-2:13 (R2017)

Systems and software engineering - Systems and software assurance - Part 2: Assurance case

Get Standard

CSA ISO/IEC 20243:16 (R2021)

Information Technology — Open Trusted Technology Provider TM Standard (O-TTPS) — Mitigating maliciously tainted and counterfeit products

Get Standard

CSA ISO/IEC 20897-1:21

Information security, cybersecurity and privacy protection — Physically unclonable functions — Part 1: Security requirements

Get Standard

CSA ISO/IEC 27000:19

Information technology - Security techniques - Information security management systems - Overview and vocabulary

Get Standard

CSA ISO/IEC 27005:19

Information technology - Security techniques - Information security risk management

Get Standard

CSA ISO/IEC 27007:20

Information security, cybersecurity and privacy protection — Guidelines for information security management systems auditing

Get Standard

CSA ISO/IEC 27009:20

Information security, cybersecurity and privacy protection — Sector-specific application of ISO/IEC 27001 — Requirements

Get Standard

CSA ISO/IEC 27013:22

Information security, cybersecurity and privacy protection — Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

Get Standard

CSA ISO/IEC 27014:21

Information security, cybersecurity and privacy protection — Governance of information security

Get Standard

CSA ISO/IEC 27036-1:22

Cybersecurity — Supplier relationships — Part 1: Overview and concepts

Get Standard

CAN/CSA-ISO/IEC 27037:18

Information technology — Security techniques — Guidelines for identification, collection, acquisition, and preservation of digital evidence

Get Standard

CAN/CSA-ISO/IEC 27038:18

Information technology — Security techniques — Specification for digital redaction

Get Standard

CAN/CSA-ISO/IEC 27040:18

Information technology — Security techniques — Storage security

Get Standard

CAN/CSA-ISO/IEC 27041:18

Information technology — Security techniques — Guidance on assuring suitability and adequacy of incident investigative method

Get Standard

CAN/CSA-ISO/IEC 27042:18

Information technology — Security techniques — Guidelines for the analysis and interpretation of digital evidence

Get Standard

CAN/CSA-ISO/IEC 27043:18

Information technology — Security techniques — Incident investigation principles and processes

Get Standard

CSA ISO/IEC TS 27110:21

Information technology, cybersecurity and privacy protection — Cybersecurity framework development guidelines

Get Standard

CAN/CSA-IEC 62443-2-1:17 (R2022)

Industrial communication networks — Network and system security — Part 2-1: Establishing an industrial automation and control system security program

Get Standard

CAN/CSA-IEC 62443-2-4:17 (R2022)

Security for industrial automation and control systems — Part 2-4: Security program requirements for IACS service providers

Get Standard

CAN/CSA-IEC 62443-2-4:17/A1:20 (R2022)

Amendment 1:2020 to CAN/CSA-IEC 62443-2-4:17, Security for industrial automation and control systems — Part 2-4: Security program requirements for IACS service providers

Get Standard

CAN/CSA-IEC 62443-3-3:17 (R2022)

Industrial communication networks — Network and system security — Part 3-3: System security requirements and security levels

Get Standard

Get involved

Stay up-to-date with the latest developments at CSA Group, connect with your peers and the CSA Group team to ask questions and share your insights, or get involved in the standards development. There are many ways to stay in touch and contribute to creating a better, safer, and more sustainable world.

Contact CSA Group’s ICT Team with questions or to discuss your standards development needs.

[email protected]

Join the CSA Group Electrical Community and get access to additional resources, discussion forums, and more.

CSA Group Electrical Community

Get the latest CSA Group news on standards, research, and other activities directly in your inbox.

Subscribe to CSA Standards monthly newsletter

[1]About one-fifth of Canadian businesses were impacted by cyber security incidents in 2019, Statistics Canada, 2020
[2]The Cost of a Data Breach Report 2021, IBM, 28 July 2021
[3]Predicts 2022: Cybersecurity Leaders Are Losing Control in a Distributed Ecosystem, Gartner Inc., 2022,