CSA Identifies Cybersecurity Gaps in 73 Registered Firms, Issues New Guidance

CSA Identifies Cybersecurity Gaps in 73 Registered Firms, Issues New Guidance

First seen 16 Jul 2026, 04:26 UTC Newswire.CaWealthprofessional.CaInsurancebusinessmagwww.securities-administrators.ca 92% similarity 39.9

Article Content

Browse articles
ThreatCluster

The Canadian Securities Administrators (CSA) published Staff Notice 33-322 on July 15, 2026, after reviewing the cybersecurity practices of 73 registered firms. The examination revealed that while many larger firms had robust cybersecurity frameworks, significant gaps were identified in areas such as employee training, risk assessments, and incident response planning. Notably, 21% of firms provided no cybersecurity training, and 12% had no documentation of risk assessments. The CSA aims to provide scalable guidance for firms of all sizes to enhance their cybersecurity practices. Compliance feedback has been given to the firms, and the CSA emphasizes that strong cybersecurity practices are essential in the current threat landscape. This review aligns with a broader regulatory push to tighten cybersecurity expectations across the Canadian financial sector.

Key Points: • CSA found cybersecurity gaps in 73 registered firms during a compliance review. • 21% of firms provided no cybersecurity training to employees, highlighting a significant weakness. • The guidance aims to help firms of all sizes strengthen their cybersecurity frameworks.

ThreatCluster AI

Timeline

2025-07-01
CSA began compliance examination of registered firms
The CSA initiated a focused review of cybersecurity practices across 73 registered firms, assessing their policies and procedures.
Wealthprofessional.Ca
2026-07-15
CSA publishes Staff Notice 33-322
The CSA released updated guidance based on its findings, highlighting gaps in cybersecurity practices among firms.
Newswire.Ca
2026-07-16
CSA issues compliance feedback to firms
Following the review, the CSA provided compliance feedback to firms to help address identified cybersecurity gaps.
Insurancebusinessmag

Community

Browse all →