fr
Français
Infographic showing a clipboard with a cybersecurity checklist and a magnifying glass over a checkmark, set against a simplified map of Canada, representing cybersecurity assessment and review.

Strategic and Technical Assessments

Shared insight to support informed decisions and reduce cyber risk

Understanding cyber risk—and where to focus limited resources—is a persistent challenge for research and education (R&E) institutions. Risk is complex, changes quickly, and is difficult to assess or compare across organizations.

CANARIE’s Strategic and Technical Assessment services provide trusted, shared insight to help institutions understand their cybersecurity risk and compliance posture, explain it clearly, and make informed, defensible decisions. Using common frameworks, comparable data, and national‑level analysis, these services improve visibility into risk and maturity, reduce duplication and assessment fatigue, and support more coordinated, risk‑informed investment across the sector.

Together, these services contribute to a clearer national picture of cybersecurity risk, compliance, and maturity—supporting both institutional decision‑making and collective resilience.

Strategic and Technical Assessment Services: A foundation for collective cyber defence

By establishing shared insight and a common understanding of risk, these assessments strengthen coordination across threat intelligence, operations, collaboration, and engagement – driving cybersecurity efforts at all levels to be targeted, defensible, and effective.

National Cybersecurity Assessment (NCA)
National Cybersecurity Assessment (NCA)

A shared view of cybersecurity maturity and risk

A structured, repeatable way for institutions to assess cybersecurity maturity and risk using a common framework.

Institutions receive clear, organization-level insight and comparable data to understand their posture relative to peers, while aggregated results contribute to a national view of risk across Canada’s research and education sector.

Benefits:

  • A common cybersecurity risk language across the sector
  • Comparable insight to support planning and investment decisions
  • A trusted national view of cybersecurity maturity and trends
CUCCIO Benchmarking Service
CUCCIO Benchmarking Service

External cyber risk visibility and peer comparison

Externally derived insight into cyber risk using attack-surface scanning, combined with targeted community surveys.

Institutions gain a clearer view of external exposure and can compare specific practices, such as multi-factor authentication adoption, using a consistent, trusted approach.

Benefits:

  • Independent visibility into external cyber risk and exposure
  • Peer comparison based on a shared methodology
Third-Party Risk Management (TPRM)
Third-Party Risk Management (TPRM)

A collective approach to shared third-party risk

A shared, community-driven approach to assessing and managing third-party and supply chain cyber risk through common tools, processes, and collaboration.

Benefits:

  • More efficient third-party risk assessments
  • Greater consistency across institutions
  • Reduced duplication of effort for common vendors

Currently in pilot with the Research-Intensive Group of Institutions (RIG).

Participate in CANARIE’s Strategic and Technical Assessment Services

  • If your organization is already participating in CANARIE’s Cybersecurity Initiatives Program (CIP), contact [email protected] to sign up for Strategic and Technical Assessment Services at no cost. 

Related:

Cybersecurity Initiatives Program (CIP)
Participate in the CIP
Frequently Asked Questions
CIP Support