Alert:
A nationwide postal strike or lockout may occur as early as November 3, 2004. Dealer Members must take steps to ensure that document delivery requirements prescribed under CIRO Rules continue to be met.
“Active management of cyber risk is critical to the stability of CIRO-regulated firms, the integrity of Canadian capital markets and the protection of investors.” Andrew Krieger, President and CEO, CIRO
Cybersecurity is a key issue for Dealers and CIRO. Cybersecurity has been an important priority for CIRO for the last few years.
CIRO is committed to helping firms strengthen risk management practices and increase cybersecurity preparedness. CIRO’s initiatives include self-assessment surveys, consultations with cybersecurity professionals, and table-top exercises. We also provide educational resources such as best practice guides and webinars to help Dealers plan and implement effective risk controls and response plans for cyber threats and attacks.
CIRO implemented rules to require mandatory reporting of a cybersecurity incident by Dealers to CIRO.
IIROC (now CIRO) conducted cybersecurity self-assessment surveys for all Dealers in 2016, and again in 2018. Each Dealer was issued a confidential Cybersecurity Report (CSR) which identified their level of cybersecurity maturity and set out high-level recommendations for priority attention.
In 2017 and 2019, IIROC (now CIRO) engaged cybersecurity consultants and visited selected Dealers with cybersecurity self-assessment maturity levels below the expected target of their industry peer group.
CIRO hosts table-top exercises to help small and medium-sized firms with cybersecurity preparedness and risk management practices.
CIRO has published guides and resources to help Dealers protect themselves and their clients against cyber threats and attacks.
Here are some links to information and resources provided by the Government of Canada on cybersecurity.