RESIDENTIAL ROUTERS’ REQUIREMENTS
In a media factsheet, CSA said it will require CIIOs, auditors conducting audits for CIIOs, as well as licensed cybersecurity service providers providing penetration testing and managed security operations centre monitoring services, to meet Cyber Trust Mark (CTM) requirements.
The CTM serves as a mark of distinction for organisations to prove that they have put in place good cybersecurity practices and measures that are commensurate with their cybersecurity risk profile.
There are five cybersecurity preparedness tiers, with 10 to 22 domains under each tier.
Currently, CIIOs are required to adhere to higher standards set out in the Cybersecurity Code of Practice for their CII systems.
The new requirement for CIIOs to meet CTM Level 5 – the highest tier of certification – is meant for non-CII systems owned by the CIIOs. They will be given until the end of 2027 to obtain this certification.
