Home > News > Articles > Cyber Safe

October is Cybersecurity Awareness Month – Get Cyber Secure!


Published October 14, 2025

Cybersecurity Awareness Month provides an opportunity for you to learn more about cyber risks and the importance of cyber security and staying cyber safe. Cyber threats present a continuous and growing risk, particularly with the increased use of technology in conducting insurance business activities. Insurance Council of BC licensees have a duty to safeguard clients' personal information and to determine the appropriate safeguards necessary to meet that duty. Licensees are advised to review their current cybersecurity practices, implement measures to prevent cybersecurity incidents, and be ready to respond to them should an incident occur.

We’ve curated a list of resources and tools to help you learn to stay cybersafe and to support you in protecting yourself, your clients, and your devices:
  • The Insurance Council of BC’s Licensee Responsibilities page includes information about licensee responsibilities for cybersecurity practices and safeguarding client information.
  • Government of Canada’s Get Cyber Safe (https://www.getcybersafe.gc.ca/en) provides resources, tools and guidance to support Canadians in staying safe online, including resources on how to secure your accounts, secure your devices, and secure your connections.  
  • Canadian Centre for Cyber Security (https://www.cyber.gc.ca/en) provides guidance, services and support on cyber security for Canadians, including information for individuals, small and medium businesses, and large organizations and infrastructures.
  • Cyber Savvy Canada, created by the Insurance Bureau of Canada (IBC), shares steps business owners can take to reduce their risk of a cyber attack or data breach, along with an assessment about the cybersecurity protocols that cyber insurers may want potential insureds to have when they consider coverage for cyber risks along with providing other cyber resources and information.
  • Government of Canada’ Get Cyber Safe Blog includes this Insurance Bureau of Canada article titled Does your small business need cyber insurance? - Get Cyber Safe, explaining what is cyber insurance and what it covers.
  • BC’s Office of Information & Privacy Commissioner oversees the information and privacy practices of public bodies and private organizations that collect, use or disclose personal information. Their website provides resources, such as privacy breach tools, a privacy breach checklist and a guide for private and public organizations.
  • The Office of Privacy Commissioner of Canada provides resources and guidance on matters involving privacy and technology, including on artificial intelligence, internet and metadata, smart / connected devices, online tracking and cookies, mobile and digital devices, apps, and electronic payments, and more.
 
Additionally, Canadian Insurance Services Regulatory Organizations (CISRO) Cybersecurity Readiness guide supports insurance intermediaries in improving cybersecurity practices and safeguarding confidential client information. Licensees are encouraged to familiarize themselves with the practices outlined in this publication to achieve and ensure cybersecurity readiness. Some of the key measures noted in the publication include:
  • Understanding and complying with the agency's policies and procedures on cybersecurity;
  • Reviewing cybersecurity practices and implementing appropriate measures to address or mitigate any identified risks; and
  • Establishing a cybersecurity incident response plan to protect client information (see ‘Elements to include in a Cyber Incident Response Plan,’ page 7 in the publication).

CISRO’s companion Cybersecurity readiness when using generative artificial intelligence publication intends to raise awareness of the importance of adapting cybersecurity strategies to include the use of generative AI, and identifies practices for individuals and organizations to consider, including:
  • Reviewing and implementing policies and procedures regarding AI use and ensuring established practices are followed
  • Participating in training that helps you understand the various types of AI solutions and how to use them safely
  • Not sharing confidential information in public and open solutions
 
The Insurance Council’s position and requirements on client privacy and confidentiality do not override the requirements under existing legislation, Licensees must also follow the Personal Information Protection Act (PIPA).
 
Cyber Security Awareness Month is a campaign held each October aimed at helping the public learn more about the importance of cyber security and how to stay secure online. Find resources and participate here: October is Cyber Security Awareness Month in Canada - Get Cyber Safe
 
To learn more about licensee responsibilities and requirements, please visit the Licensee Resources page of our website. If you have questions about insurance practice and regulatory requirements, please contact our Practice & Quality Assurance team at practice@insurancecouncilofbc.com or by phone 604-695-2008 or toll-free at 1-877-688-0321 ext. 3.