Quick Intelligence Blog

Why do my Customers Want to Know About my Cyber Security Practices?

They say a fence is only as strong as its weakest link, that holds true with cyber security as well. With most companies outsourcing services to companies like yours (and ours!), what we do to protect ourselves directly impacts the overall cyber security postures of our customers.

Topics: cyber security Compliance Privacy

How do Privacy Requirements Affect my Business?

Privacy and security go hand in hand. Cyber security focuses on protecting the information from unauthorized access, while privacy focuses more on protecting the contents of the information and ensuring it isn’t accessed or shared inappropriately. Both businesses and individuals have an expectation of privacy when they trust another business with their data.

Topics: cyber security Compliance Privacy Breach

Survey says 7 out of 10 Canadian Businesses Attacked by Ransomware Paid the Ransom

A new survey by the Canadian Internet Registration Authority (CIRA) says that nearly 70 per cent of Canadian organizations facing a ransomware attack last year paid the demands to avoid downtime, reputational damage and other costs. The interesting thing is that when they asked cyber security professionals if they supported legislation to make ransomware payments illegal, 64% said yes.

Topics: Ransomware cyber security Cyber Insurance Compliance Privacy Breach

How to Handle the Dreaded Cyber Security Questionnaire

So, you are a small business owner, and are about to land your first big client. Everything is going well, but before they sign the contract, they hand you a cyber security questionnaire. Now the panic sets in. Does this sound familiar?

Topics: cyber security Compliance Privacy

What is PCI Compliance?

PCI compliancePCI compliance, or Payment Card Industry compliance, is a set of standards created to ensure that when business take credit card payments online, they do it in a secure manner, minimizing the risk of credit card theft. The PCI Council creates the rules (there are ~150 of them) which dictate everything from firewall configuration to security protection on devices used to store, process, or transmit credit card data.

Topics: cyber security Compliance

What is the NIST Cybersecurity Framework (CSF)?

The National Institute of Standards and Technology (NIST) was “founded in 1901 and is now part of the U.S. Department of Commerce. NIST is one of the nation's oldest physical science laboratories.” In 2013, then-president Obama tasked NIST to create a set of common-sense protection actions that SMBs could take to better protect themselves from Internet-based exposures.

Topics: cyber security Compliance

What is PIPEDA?

Canada’s data privacy law, the Personal Information Protection and Electronic Documents Act, or PIPEDA, governs how private Canadian companies are responsible for the collection, use and disclosure of personally identifiable information (PII) during the course of their regular business activities. PIPEDA fist came into law in 2000 and must be reviewed by parliament every 5 years. The last update to PIPEDA came into law on November 1, 2018, and for the first time, it included regulations for disclosing a cyber security breach.

Topics: cyber security Compliance Privacy Breach

What is GDPR?

The General Data Protection Regulation, or GDPR, is a law created by the European Union to protect its citizens’ privacy and information. It includes the concept of the “right to be forgotten”, meaning if an EU citizen doesn’t want you to have their information, they have the right to request that it be deleted entirely and expect proof when completed. If you do business in the EU or have EU citizens as customers, GDPR applies to you, take it seriously as significant fines for non-compliance can apply! Fines can be as high as 20,000,000 EUR, or up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher.

Topics: cyber security Compliance

What is CCPA? Do I Need to Be Concerned?

The California Consumer Privacy Act (CCPA) is a state statute designed to protect the personal information of California residents. Like the EU’s General Data Protection Regulation (GDPR), It gives residents the right to know about information being collected about them and why it’s being collected, the right to request information be deleted (with some exceptions), the right to opt-out of having their information sold, and the right to non-discrimination for exercising these rights. Only California residents have rights under the CCPA.

Topics: cyber security Compliance

What is a SOC Audit?

Has this happened to you before? Your business is about to land a big client. Everything is going well, but before they sign the deal, they want you to sign off on a Cyber Security Questionnaire. Not only that, but they have also asked you for a SOC Audit, and you don’t even know what it is.

Topics: cyber security Compliance