top of page
  • Writer's pictureDeborah
    • Apr 25

A cyber Incident is a “cyber event that adversely affects the cyber security of an information system or the information the system processes, stores or transmits whether resulting from malicious activity or not.”

Common examples of cyber incidents include:

  • Denial of Service (DoS) : defined as the prevention of authorised access to information or information systems; or the delaying of information system operations and functions, with resultant loss of availability to authorised users.

  • Phishing : defined as a digital form of social engineering that attempts to acquire private or confidential information by pretending to be a trustworthy entity in an electronic communication.

A cyber incident is to be distinguished from a

  • Cyber attack : defined a malicious attempt to exploit vulnerabilities through the cyber medium to damage, disrupt or gain unauthorized access to assets.

  • Data breach : defined as the [breach] of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to data transmitted, stored or otherwise processed.

Put in other words, an incident is a precursor to a breach and refers to any activity that compromises an institution's cyber security while a breach is the confirmation that protected data have been accessed unlawfully.


Source: FSB Cyber Lexicon


For additional information on cyber regulations and guidelines


On March 27, 2023, Canada’s House of Commons completed its second reading of Bill C-26, an Act respecting cyber security and the protection of critical cyber systems in the federally regulated private sector (read our previous update here).


In July 2022, the Office of the Superintendent of Financial Institutions published Guideline B-13 on Technology and Cyber Risk Management to support federally regulated financial institutions (FRFIs) in developing greater resilience to technology and cyber risks. These guidelines will take effect on Jan 1, 2024 (read our previous update here).


In July 2022, the Investment Industry Regulatory Organization of Canada (IIROC) published a Cybersecurity Self-Assessment Tool to help small and medium-sized IIROC firms identify areas of strength and weakness based on information security practices. This tool and other guides are available on their website.



Recent Posts

See All

The Secured Overnight Financing Rate (SOFR) is a broad measure of the cost of borrowing cash overnight collateralized by Treasury securities. SOFR is the overnight interest rate for US dollar-denomina

13/06/2023 - Canadian Securities Administrators (CSA) SEDAR+ go-live date. All issuer filings, cease trade orders and disciplined list entries will be filed in SEDAR+ 16/06/2023 - OSFI consultation pe

On May 11, the Bank for International Settlements (BIS) published a Handbook on how central bank digital currencies (CBDCs) could work for offline payments, defined as a “transfer of value between dev

bottom of page