Commissioner's Blog

Dive into Commissioner Kosseim’s insightful blogs covering privacy, access, cyber safety, and beyond. Stay informed and explore the latest insights.

It’s Cybersecurity Awareness Month: Read Twice, Click Once

News of cyberattacks continues to dominate headlines across the country. From individual instances of identity theft to large-scale ransomware attacks involving millions of people, these malicious assaults on our personal data systems show no sign of abating. As their tactics become more sophisticated, cybercriminals are finding increasingly insidious ways to lure victims.  Now, during a time in which a worldwide pandemic has forced us to conduct most of our lives online, the need to be vigilant has never been more important.

October is Cyber Security Awareness Month. This month-long, international campaign is intended to inform the public about the importance of cyber security, and provide education on the steps to take to become more secure online. This year, Cyber Security Awareness Month will focus on how we can better protect our personal devices.

The IPC has developed a number of resources designed to help public sector organizations,  health professionals, and the public safeguard personal information online and better protect themselves from falling prey to cyberattacks.

Safeguarding personal information online is crucial in preventing identity theft. Minimizing the amount of personally identifiable information on social media and using strong passwords are just some of the online protections we explore in Identity Theft: a Crime of Opportunity.

Phishing can happen in an instant - you open an email with an infected attachment, click on an innocent-looking link that downloads malware, and within moments, you’ve exposed your most sensitive personal or confidential information to attackers. Our fact sheet, Protect against Phishing, contains guidance for institutions and the public on how to recognize phishing messages, protect against phishing attacks, and limit the damage in the event of an attack.

Ransomware attacks often involve bad actors infiltrating large-scale information systems to kidnap (quite literally) huge volumes of client data and hold it for ransom.  Victim organizations must choose between paying large sums of money being demanded or seeing all the data released online, resulting in devastating privacy breaches and loss of public trust. To help public organizations and healthcare facilities protect themselves from ransomware, our office published Protecting against Ransomware, which outlines various strategies for protecting information and responding to attacks.

Privacy Rights of Children and Teens, a lesson plan produced by MediaSmarts for Canada’s federal, provincial and territorial data protection authorities,  examines the potential privacy risks of online engagement and how young people can protect their personal information through better knowledge of their personal privacy rights.

By being aware of the risks, we can better protect ourselves from falling into the traps of bad actors who try to use our personal devices against us — particularly at a time when we have become so highly dependent on technology to work, go to school, shop, attend appointments and socialize online.

I hope you will take some time this month to review these IPC resources on cyber security and check out the Cyber Security Awareness Month website on a weekly basis to learn some new tips on how to better secure your devices.

Adopting that old carpenter’s adage, we should always remember to “read twice, click once.”

Stay safe everyone!

Media Contact

For a quick response, kindly e-mail or phone us with details of your request such as media outlet, topic, and deadline:

Email: @email
Telephone: 416-326-3965

Contact Us

Social Media

The IPC maintains channels on Twitter, YouTube and Linkedin in its efforts to communicate to Ontarians and others interested in privacy, access and related issues.

Our Social Media Policy

Help us improve our website. Was this page helpful?
When information is not found


  • You will not receive a direct reply. For further enquiries, please contact us at @email
  • Do not include any personal information, such as your name, social insurance number (SIN), home or business address, any case or files numbers or any personal health information.
  • For more information about this tool, please see our Privacy Policy.