Cyber Certification Readiness™ Reference CCR-CA-2026.1
Active Program: Level 1 Effective April 2026
1.0  ·  Program Overview

Operate at the level you’re being asked to certify for.

siberX helps defence suppliers prepare for Canada's cyber certification requirements through readiness assessment, simulation, employee training, escape rooms, gamified learning, and operational validation.

Readiness → Validation → Confidence → Certification Support
Start Readiness Assessment Schedule a Call

Built for defence suppliers, contractors, and organizations preparing for Canadian cyber certification requirements.

1.1  ·  Why This Exists

Certification is not the hard part. Operating at that level is.

Many suppliers can assemble policies and paperwork. Far fewer can prove that their people, teams, and leaders will actually perform at the required level when real cyber pressure appears.

Documentation-Only Approach

  • Policies without behavior
  • Controls without practice
  • Audit prep without pressure
  • Compliance without confidence

siberX Approach

  • Readiness assessment
  • Simulation-based validation
  • Employee training that changes behavior
  • Operational confidence under pressure
2.0  ·  Our Approach

Readiness first. Validation second. Confidence before assessment.

siberX combines assessment, cyber simulations, cybersecurity escape rooms, gamified learning, and audit rehearsal to help organizations close gaps before they become contract risk.

I. Assess Find the real gaps.
II. Train Build role-based awareness.
III. Simulate Test performance under pressure.
IV. Validate Confirm the organization can operate at the required level.
3.0  ·  Level 1 Readiness

Foundational cyber hygiene, operationally validated.

Level 1 is the current entry point and is based on an annual self-assessment covering 13 controls. siberX helps organizations prepare for that self-assessment and operate at that level in practice.

Level 1 readiness support can include
  • Annual self-assessment preparation
  • Control gap review
  • Evidence readiness
  • Employee behavior validation
3.1 Readiness Assessment
  • Map current state to Level 1 requirements
  • Identify people, process, and technology gaps
  • Prepare a practical action plan
3.2 Cybersecurity Escape Room™ — Compliance Edition
  • Phishing and credential compromise scenarios
  • Data handling and access control scenarios
  • Awareness through immersive behavior-based learning
3.3 Gamified Cyber Learning™
  • Interactive role-based learning
  • Scoring and tracking
  • Measurable engagement
3.4 Audit & Self-Assessment Rehearsal
  • Practice likely questions
  • Prepare evidence
  • Reduce submission anxiety
Outputs
Level 1 readiness score
Gap and action plan
Training completion metrics
Self-assessment readiness package
“We can operate at Level 1, not just claim we understand it.”
Start Level 1 Readiness
4.0  ·  Advanced Readiness

Prepare early for the next levels — before they become mandatory.

Level 2 and Level 3 are still under development, but Canada has already signaled the structure and phased rollout. siberX helps organizations get ready before those requirements become urgent.

Planned as 98 controls with triannual external assessments by accredited certification bodies, plus annual affirmation.

Focus areas
  • Stronger access control
  • Monitoring and logging
  • Incident response
  • Governance and accountability
  • Vendor and third-party readiness
Recommended siberX support
  • Advanced readiness assessment
  • War room simulation
  • Cross-functional tabletop exercises
  • Vendor and third-party risk simulation
  • Audit rehearsal

Planned as 200 controls with triannual Government of Canada assessments, plus annual affirmation.

Focus areas
  • Higher-assurance control maturity
  • Leadership and governance response
  • Documented operational resilience
  • Enterprise-wide validation under pressure
Recommended siberX support
  • Executive war room
  • Crisis-to-board simulation
  • Advanced decision testing
  • Continuous readiness scoring
  • Board and leadership rehearsal
siberX supports readiness and operational preparation. Official certification and assessment requirements remain governed by the Government of Canada and its designated bodies.
Discuss Advanced Readiness
5.0  ·  Official Program Snapshot

The full Canadian cyber certification program at a glance.

As outlined by the Government of Canada and its designated bodies. siberX prepares organizations for each tier; assessment and certification authority remains with the Government of Canada.

Tier Controls Assessment Cadence Status
Level 1 13 controls Annual self-assessment Active
Level 2 98 controls Triannual external assessment + annual affirmation In Development
Level 3 200 controls Triannual Government of Canada assessment + annual affirmation In Development
6.0  ·  Experience Layer

Training that changes behavior, not just awareness.

Exhibit A A

Cybersecurity Escape Rooms™

Immersive scenarios for teams, departments, and leadership.

Exhibit B B

Gamified Cyber Learning™

Interactive challenges with measurable participation and progress.

Exhibit C C

Tabletop Simulations™

Cross-functional exercises that expose decision gaps and response friction.

Exhibit D D

Cyber War Rooms™

High-pressure simulations for leadership and escalation readiness.

Exhibit E E

Audit Simulation Exercises

Practice the questions, evidence, and operational proof that matter.

Exhibit F F

Third-Party Risk Scenarios

Test how partners and suppliers affect readiness.

7.0  ·  Outcomes

Move from compliance anxiety to operational confidence.

Understand real gaps
Train people in context
Validate controls under pressure
Improve audit readiness
Strengthen third-party resilience
Reduce contract risk
8.0  ·  Best Fit

Built for organizations that cannot afford to be unprepared.

  • Defence suppliers
  • Government contractors
  • Subcontractors handling sensitive information
  • Organizations expecting Level 1 requirements first
  • Organizations preparing ahead for Level 2 or Level 3
  • Firms that want readiness, not just paperwork
9.0  ·  Why siberX

Most providers prepare you for an audit. We prepare you to operate.

Traditional Support

  • Documentation-heavy
  • Static compliance guidance
  • Low behavioral validation
  • Little pressure testing

siberX

  • Simulation-based readiness
  • Immersive cyber training
  • Role-based learning
  • Operational validation under pressure

Need help understanding your likely certification path?

Talk to siberX
10.0  ·  Closing Position

Certification support is useful.
Operational readiness is decisive.

siberX helps organizations prepare for Canadian cyber certification requirements by combining assessment, training, simulation, and operational validation into one readiness system.

Start Your Readiness Assessment Schedule a Call
Prepare for the requirements  ·  Operate with confidence