Skip to main content

What is National Cybersecurity Awareness Month?

National Cybersecurity Awareness Month (NCSAM) – observed every October – is a collaborative effort between government and industry to ensure everyone has the resources they need to stay safer and more secure online.

What are Cyberthreats?

A cyber threat is an activity intended to compromise the security of an information system (such as a computer network, a website or even a social media page) by altering the availability, integrity, or confidentiality of a system or the information it contains. These activities take place in the online space. Cyber threat actors are simply individuals or organizations, they may have different motivations, skill sets or capabilities but often the end result is often the same. In general, they seek to demonstrate their capabilities, cause harm to an organization or individual or profit from online activities. Cyber threat actors aim to take advantage of vulnerabilities, low cyber security awareness, and technological developments to gain unauthorized access to information systems in order to access or otherwise affect victims’ data, devices, systems, and networks. Sometimes, even sophisticated actors use less sophisticated and readily available tools and techniques because they meet their needs and require little effort on their part. 

How Cyberthreats work?

As Canadians put more of their information online, they become increasingly attractive targets for cyber threat actors. Canadians’ exposure to cyber threats increases with the growing number of Internet-connected devices, such as televisions, home appliances, thermostats, and cars. As an individual, you may be the victim of cyber fraud and extortion attempts from cybercriminals. Actors can use cyber tools and social engineering to extort money or information from Canadian individuals and businesses. You may have heard of these techniques or you may have already been the victim of a cyber incident. Some of the most commonly used tools are adware, ransomware, denial of service, password cracking, pharming, phishing and malware. The good news is that even as the range of tools and techniques at the disposal of cyber threat actors continue to increase, the different tools and techniques at the disposal of businesses, organizations and everyday Canadians can protect against even the most sophisticated attempts.


This year's core message is to OWN IT! SECURE IT! and PROTECT IT!

ncsam logo

  • OWN IT!

    Internet-based devices are present in every aspect of our lives: at home, school, work, and on the go. Constant connection provides opportunities for innovation and modernization, but also presents opportunities for potential cybersecurity threats that can compromise your most important personal information. Understand the devices and applications you use every day to help keep you and your information safe and secure.


    Keeping Tabs on your Apps (Privacy Settings)

    tabs on apps

    Have you noticed that apps you recently downloaded are asking for permission to access your device’s microphone, camera, contacts, photos, or other features? Or that an app you rarely use is draining your battery life?

    Your mobile device could be filled with suspicious apps running in the background or using default permissions you never realized you approved—gathering your personal information without your knowledge while also putting your identity and privacy at risk. Don’t give your apps an all-access pass.


    • Check your app permissions and use the “rule of least privilege” to delete what you don’t need or no longer use.
    • Learn to just say “no” to privilege requests that don’t make sense.
    • Only download apps from trusted sources.
    • Enable automatic app updates in your device settings or when they pop up, because having the most up-to-date software doesn’t just make things run smoother—it helps keep you patched and protected against ever-evolving cyber threats!


    Safe Social Media Posting (Never Click and Tell)

    click and tell

    Everyone seems to be posting their information on social media—from personal addresses to where they like to grab coffee. You may figure, if everyone’s doing it, why can’t I?

    What many people don’t realize is that these seemingly random details are all criminals need to know to target you, your loved ones, and even your physical belongings—online and in the real world.


    • Avoid posting names, phone numbers, addresses, school and work locations, and other sensitive information (whether it’s in the text or in the photo you took). 
    • Disable geotagging, which allows anyone to see where you are—and where you aren’t—at any given time.
    • While it’s tempting to do otherwise, limit your social networks to people you actually do know in real life, and set your privacy preferences to the most restrictive settings.

    Cybercriminals are very good at getting personal information from unsuspecting victims, and the methods are getting more sophisticated as technology evolves. Protect against cyber threats by learning about security features available on the equipment and software you use. Apply additional layers of security to your devices – like Multi-Factor Authentication – to better protect your personal information.

    Multi-Factor Authentication

    login protection

    No matter how long and strong your password is, a breach is always possible. All it takes is for just one of your accounts to be hacked, and your personal information and other accounts can become accessible to cyber criminals.

    Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for email, banking, social media, and any other service that requires logging in. If MFA is an option, enable it by using a trusted mobile device, such as your smartphone, an authenticator app, or a secure token—a small physical device that can hook onto your key ring. This way, even if cyber criminals guess your password, they’re still out of luck!


    • has optional multi-factor authentication that you can turn on. To opt-in and enable multi-factor authentication with your Google account, please follow the instructions here.


    Protecting Against Phishing (Play Hard to Get with Strangers)

    play hard to get w. strangers

    Cyber criminals cast wide nets with phishing tactics, hoping to drag in victims. Seemingly real emails from known institutions or personal contacts may ask for financial or personal information.

    Cyber criminals will often offer a financial reward, threaten you if you don’t engage, or claim that someone is in need of help. Don’t fall for it! Keep your personal information as private as possible.


    • If they have key details from your life—your job title, multiple email addresses, full name, and more that you may have published online somewhere—they can attempt a direct spear-phishing attack on you. Cyber criminals can also use social engineering with these details to try to manipulate you into skipping normal security protocols.
    • If you’re unsure who an email is from—even if the details appear accurate—do not respond, and do not click on any links or attachments found in that email. Always avoid sending sensitive information via email.
    • If you receive a suspicious email that appears to be from someone you know, reach out to that person directly on a separate secure platform. If the email comes from an organization but still looks ‘phishy,’ reach out to them via customer service to verify the communication.




    Every click, share, send, and post you make creates a digital trail that can be exploited by cybercriminals. To protect yourself from becoming a cybercrime victim you must understand, secure, and maintain your digital profile. Be familiar with and routinely check privacy settings to help protect your privacy and limit cybercrimes.

    "Google" Yourself

    With the rise of the digital age, it is difficult (if not impossible) to remain totally anonymous on the internet. Having an online presence and maintaining your social networks can be a wonderful and valuable tool, but sometimes we are unaware of how much personal information can be obtained about us over time.

    When was the last time you typed your name or your email address in a web search like Google or Bing? You may be shocked at the results. You may find that old photos of yourself pop up, or an old user account from a forgotten social network or blog that is still associated with your name. You may even want to search for your work email, to make sure it has not been compromised and made available on the internet for the bad guys to find.


    • By searching and analyzing your online presence often, you can take steps to remove those things you may not want strangers to see. Like that embarrassing photo from University/College. You know the one I’m talking about.


    Cyber Hygiene (If you Connect, You must Protect)

    connect - protect

    Our devices are great at making our lives easier and fun, but it’s important to be conscious about all the information you are generating and where it’s headed. Once your device plugs into cyberspace, you and your device could potentially be vulnerable to all sorts of risks.

    These include malware that can steal information and data, destroy your hardware, log keystrokes, and infect other devices connected to your compromised device. Whether it’s your computer, smartphone, game device, or other network devices, the best defense is to stay on top of things by updating to the latest security software, web browser, and operating systems. If you have the option to enable automatic updates to defend against the latest risks, turn it on.


    • Be sure to protect your devices with antivirus software. There are many kinds of antivirus software available, so find one that fits your needs and your devices.
    • If you’re putting something into your device, such as a USB for an external hard drive, make sure your device’s security software scans for viruses and malware.



FAQs IT forms Submit a ticket Got a question?