Bill C-26 / CCSPA Readiness Canada
Cyber Security Readiness for Canadian Critical Infrastructure under Bill C-26 / CCSPA
Praxis-Q prepares Canadian critical-infrastructure operators - telecom, finance, energy, transport - for the Critical Cyber Systems Protection Act (CCSPA) under Bill C-26: cyber security program design, incident reporting workflows and supply-chain risk controls aligned to expected regulatory direction.
Bill C-26 Canada
Bill C-26 / CCSPA Readiness Canada
Cyber Security Readiness for Canadian Critical Infrastructure under Bill C-26 / CCSPA
The Problem
Canada Bill C-26 (CCSPA) will compel critical-infrastructure operators to harden systems and report incidents on strict timelines, with penalties up to $15M. Most designated operators are not yet ready.
What We Do
- Scoping
- Program Design
- Controls
- Incident Reporting
- Assurance
What You Get
- Designation and scope assessment
- Cyber Security Program (CSP) design
- Mandatory incident reporting workflows
- Supply-chain and third-party risk controls
- Maps to NIST CSF and ISO 27001
- Sector-regulator alignment (OSFI, CRTC)
- Tabletop exercises and IR readiness
- Board and executive reporting
Frequently Asked Questions
Who does Bill C-26 apply to?�-�
What are the penalties under Bill C-26?�-�
Is Bill C-26 in force yet?�-�
Ready to Get Started?
Free gap analysis · Proposal in 24hrs · Delivery in weeks