Visit our booth at CANSEC on May 27-28

CPCSC: Ensure compliance with confidence

Your expert partner in navigating the requirements of the Canadian Cybersecurity Certification Program.
Logo StreamScan
Talk to an expert
Carte du Canada composée de points lumineux bleus connectés par des lignes représentant un réseau numérique.

What is the CPCSC?

The Canadian Cyber Security Certification Program (CPCSC) was designed to better protect sensitive information exchanged within the Canadian defence supply chain. Inspired by the American CMMC model, this program is based on the NIST 800-171 revision 3 standard.

In fact, Canada adapted this standard to its own regulatory context by developing ITSP.10.171, a Canadian version inspired by NIST 800-171 that serves as the technical basis for the SCCP.

Two Paths Leading to CPCSC Certification
Choose the full organization certification if:
  • You can invest 12 to 18 months in the process
  • Most employees regularly work with designated information (DI)
  • DI circulates across all departments and systems
  • You want uniform security across the entire enterprise
  • You've already started the process using this method
  • You have multiple independent sites that cannot easily connect to a single enclave
Adopt the StreamEnclave secure enclave if:
  • Less than 25% of your employees handle designated information (DI)
  • DI remains in specific departments or projects
  • You need to be ready for assessment in 3 to 4 months
  • You want predictable monthly costs
  • Your sites are connected or users can access a central enclave remotely
Discover StreamEnclave

Why Choose StreamScan

For over three years, we've operated within the defence certification ecosystem, supporting businesses at every step of their compliance journey.

Our services encompass gap analysis, strategic support and implementation of the necessary technologies to meet CPCSC requirements.

Our CMMC Level 2 certification demonstrates our commitment to meeting requirements at the same level as our clients, thus strengthening their cybersecurity posture and significantly reducing their attack surface. Indeed, many intrusions originate from third-party suppliers, so it's essential that your IT and cybersecurity partners are themselves highly secure.

As certified SOC and MDR, this recognition of our technologies and processes enables our clients to reduce the scope of their own assessment, simplify their path to compliance and decrease associated costs.

Insigne de l'organisation certifiée AB Cyber CMMC en tant que Registered Practitioner Organisation (RPO).

You Can Count on StreamScan

Defence Expertise
StreamScan already works with Canadian National Defence and other organizations sensitive in matters of public security and aerospace.
Modèle répétitif de formes géométriques beige ressemblant à des hexagones et rectangles irréguliers sur un fond noir.
CPCSC Acceleration
Our monitoring service and our technology enable us to meet multiple CPCSC standard requirements, which accelerates the process.
Lignes blanches parallèles horizontales de différentes épaisseurs sur fond noir, se rejoignant par un pli angulaire au centre.
Complete Support
Our experts support you throughout the entire process, from gap analysis to auditor management, through implementation of corrective measures.
Motif abstrait composé de rangées horizontales de rectangles blancs inclinés et espacés sur un fond noir.
Portrait d'une femme souriante aux longs cheveux bruns ondulés, vêtue d'un pull col roulé bordeaux et d'une veste blanche, avec un collier argenté.
Ready to take action?
Discuss your needs with one of our cybersecurity experts today
Logo StreamScan
Talk to an expert
Are You a Supplier for the American and Canadian Defence Sectors?
In this case, you're concerned by the cybersecurity requirements associated with the CMMC and CPCSC certification programs. Although there's no official equivalence between these two certifications, Canada may recognize your CMMC certification if its scope corresponds to CPCSC requirements. This could spare you from having to obtain and maintain two separate certifications, which represents significant cost and effort.

Our role is to help you comply with the required standard (CMMC or CPCSC) and align both standards to optimize your resources and remain compliant with both countries' expectations.
CPCSC and CMMC: two frameworks, the same objective
The PCCC and CMMC aim to strengthen cybersecurity in the defence sector, but with approaches adapted to their national context. The CMMC is mandatory for all DoD suppliers in the United States, while the PCCC meets Canadian requirements.

With more than three years of CMMC compliance support, we offer proven and effective support, adapted to the specific requirements of both regulatory frameworks.
Aspect
CPCSC
CMMC
Juridiction
Canada
États-Unis
Target sector
Canadian defence supply chain
U.S. Department of Defense (DoD) contractors
Technical reference standard
ITSP.10.171
NIST 800-171 Rev 2
Legal status
Federal recommendation
Legal obligation
Maturity levels
Equivalent to CMMC levels 1 to 3
Levels 1 to 3
Mutual recognition
CMMC recognition possible
No external recognition
Approach
Canadian approach adapted to the local context
Rigid American standardized frame
Responsible authority
Defence Canada (federal department)
U.S. Department of Defense

Your security deserves a conversation

Contact us today
HomeOpen XDRStreamEnclaveEDRMDRIncident ResponseCMMC CertificationCPCSC CertificationPrivacy PolicyCookies Policy
PartnersAboutCareersBlogVideos and WebinarsToolsWhitepapersResearchCybersecurity StrategyPenetration TestsContact
Cutting-edge cybersecurity solutions tailored to organizations operating in complex environments.
StreamScan Your Cybersecurity Partner Logo
StreamScan needs the information you provide to us to send you our newsletter. You may unsubscribe from our communications at anytime. For more information, check out our Privacy Policy.