The cyber environment is increasingly hostile and uncompromising—bad actors exploit the cyber-vulnerable; governments and regulators increasingly demand cyber protections for their constituents.
Canada's banking regulator recently updated its Technology and Cyber Security Incident Reporting requirements for financial institutions to disclose and report cybersecurity incidents. And, for the first time since 2013, it updated its Cyber Security Self-Assessment tool.
The first step is easily accomplished by reviewing a few definitions. The second step is trickier. The third step may involve a lot of work, but you can start with six straightforward steps.