How to develop a cyber security action plan

Crossing your fingers and hoping bad things don’t happen is not appropriate planning, either in life or in cyber security.

That’s why we created this blog post – to help you come up with an action plan that enables you to become more cyber secure.

Take stock of your devices and accountsa family in a kitchen looking at a tablet

Remember the days when it was common for  Canadians to have one or maybe two devices? A home desktop computer allowed us to complete nearly all of the “digital” tasks we had.

Then came home Wi-Fi routers, smartphones, tablets, and smart speakers.

Now,  devices are everywhere. We might use some of them – such as our phones or smart TVs – every day . Others, we might have forgotten about entirely.

The first step in coming up with a cyber security action plan is to identify all your devices . That way you can figure out which devices need to be protected and which need to be retired.

But it’s not enough to just take stock of your devices. You also need to identify all your accounts .

Some, such as the social media accounts we use every day, are obvious. Others, like a service we signed up for once many years ago, may be long forgotten.

Either way, you’ll want to take stock of accounts so you can move on to the next step: identifying any weak spots.

Decide where you’re weak on cyber security

There are certain areas where we are particularly vulnerable to cyber criminals – where not taking the right steps could lead to more severe consequences for our finances, identity or time.

For example: Bank accounts are  important. If you don’t have, at the very least, a passphrase or complex password to protect your online account, then that should be a priority for you.

Your email account is another priority area, since it is used to sign up for and access many different other accounts (such as using the “forgot password” feature). If you don’t have multi-factor authentication or a passphrase or complex password   enabled for your email, that’s a weakness.

A good place to start identifying weaknesses? The Get Cyber Safe cyber security assessment tool.  It asks you a series of questions and gives you a detailed plan for what to do next.

By identifying the areas where you are vulnerable, you can then move on to the crucial third step.

Put the highest-priority items into action

Ideally, we’d all have a perfect record when it comes to cyber security. However, we can’t let “perfect” be the enemy of “good” when it comes to making ourselves more cyber secure.

Once you have the items you need to focus on to make yourself more cyber secure, you need to start somewhere.

The best place to do so? With the items that are most important.

If you have weak passwords on any of your most-used accounts, changing them to use passphrases or complex passwords is a great place to start.   Make sure you use a unique password for each account.

Using passphrases or complex passwords but don’t have multi-factor authentication enabled on your social media accounts? That’s a good place to focus your energy.

A great way to ensure nothing gets missed is to pick one item to work on each week, then slowly work your way down the list.

It’s an important step in leaving you with an actionable plan for keeping yourself cyber secure.


Cyber security doesn’t need to feel overwhelming. By following the tips above, you can come up with a plan that allows you to address your key weak spots in no time.


Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: