home home  
 
 
 
 
 
 

Cybersecurity



 

“Active management of cyber risk is critical to the stability of IIROC-regulated firms, the integrity of Canadian capital markets and the protection of investors.”

Andrew Kriegler, President and CEO, IIROC

Cybersecurity Summary:

Cybersecurity is a key issue for Dealers and IIROC. Cybersecurity has been an important priority for IIROC for the last few years.

IIROC is committed to helping firms strengthen risk management practices and increase cybersecurity preparedness. IIROC’s initiatives include self-assessment surveys, consultations with cybersecurity professionals, and table-top exercises. We also provide educational resources such as best practice guides and webinars to help Dealers plan and implement effective risk controls and response plans for cyber threats and attacks.

WHAT’S NEW?

  • A new IIROC Cyber Governance Guide will be published soon! Watch this space.

  • A table-top exercise for small and medium-sized Dealer Members is being planned for June 2020. Stay tuned for details. (January 30, 2020)

  • IIROC annual compliance report highlights the cybersecurity initiatives. (December 20, 2019)

 

Cybersecurity Information:

 

icon

Incident Reporting summary:

IIROC implemented rules to require mandatory reporting of a cybersecurity incident by Dealers to IIROC.

icon

Self-assessment surveys:

IIROC conducted cybersecurity self-assessment surveys for all Dealers in 2016, and again in 2018. Each Dealer was issued a confidential Cybersecurity Report (CSR) which identified their level of cybersecurity maturity and set out high-level recommendations for priority attention.

icon

Site visits:

In 2017 and 2019, IIROC engaged cybersecurity consultants and visited selected Dealers with cybersecurity self-assessment maturity levels below the expected target of their industry peer group.

icon

Table-top exercises:

IIROC hosts table-top exercises to help small and medium-sized firms with cybersecurity preparedness and risk management practices.

icon

Guides and resources:

IIROC published a Best Practices Guide and an Incident Management Planning Guide to help Dealers protect themselves and their clients against cyber threats and attacks.

icon

Webinars:

Information and links to webcasts on cybersecurity issues released by IIROC’s Member Education Services group.

icon

Helpful Links:

Here are some links to information and resources provided by the Government of Canada on cybersecurity.

icon

Contact:
  • Suzanne Lasrado: Senior Manager, Financial and Operations Compliance

  • Email