Canadian organizations lack awareness about data breaches – Canadian Government Executive

NEWS

SEARCH

Security
June 28, 2013

Canadian organizations lack awareness about data breaches

One of the consequences of the Information Age in which we find ourselves is that individuals and organizations are facing ever-growing threats of data loss, hacking, and security breaches. Despite this, a study conducted by Reid on behalf of Shred-it illustrates that Canadian organizations in both the public and private sector lack awareness about data security breaches and proper protocol around the disposal of sensitive information.

The State of the Industry report published by Shred-It, a leading document destruction and recycling company, has found that “22 percent of small businesses indicate they are either not at all, or not very aware of their industry’s legal requirements for storing or disposing of confidential data.” And while larger organizations are more aware of their legal requirements, the study finds that many of their employees are not aware of data disposal protocol.

The study also indicates that the “financial impact for those businesses that reported being victims of a breach appears to be on the rise, as 15 percent of large businesses who experienced a breach indicated a loss of more than $500,000 (up from just three percent in 2012).” Despite this increase, as many as 42 percent public of sector organizations in Canada do not have anyone in charge of information security.

The tough economic climate could be responsible for the fact that organizations are cutting spending wherever possible, according to Bruce Andrew, VP marketing at Shred-it. “I’m not saying we’ve had a recession, but we’ve had a tough few years economically. And that’s forced businesses to cut costs and prioritize,” he said in an interview. “They tend to focus more on the bottom line, and it’s understandable. But at the same time, I always say to any business person: it’s not the cost of, it’s the cost of not. Because a breach can be very expensive financially, but even more expensive for the reputation and trust of your customers.”

Andrew praised the Privacy Commissioner of Canada, Jennifer Stoddart, for her role in trying to raise awareness about data security through seminars and meetings, but he felt that the Office of the Privacy Commissioner needs more clout in its ability to enforce unsafe data disposal practices by levying fines and sanctions onto businesses who are not abiding by Canadian privacy regulations.

Canada is lagging behind the U.S. in terms of legislation around privacy and sensitive data disposal, according to Andrew. “When it comes to the sheer size of legislation, there are a couple of pieces of legislation that they have that we don’t have. Hi-tech and HIPPA laws as it relates to healthcare information and privacy are far more rigid there than they are here, and can be quite serious,” he said. “Protection of patient confidentiality and patient information is far more significant in the U.S. than what we have here, and that may be because we don’t have legislation around it, and therefore don’t track any stats around it. That is a big issue.”

In contrast, Canada has in place the Privacy Act, which relates to the government, and PIPEDA for public sector companies and consumers, although Andrew points out that the regulations are largely toothless because there are no penalties in place to prevent organizations from disposing of sensitive information in unsafe ways.

“If I’m a business, other than my own financial penalty of loss of customer, financial results, and reputation, there’s no sanctioning or fining, and so no threat to me from that side of things. That’s one area where we’re lax and we need to improve,” Andrew said.

About this author

0 comments

There are no comments for this post yet.

Be the first to comment. Click here.

Security
 
Earlier this month I had the privilege of testifying as an...
 
Canadian Government Executive Media, (CGE) publisher of Canadian Government Executive magazine...
 
In the last few years, we’ve seen various federal governments warning...
 
Canadian Government Executive is excited to announce the agenda for TechGov...
 
In the wake of the WannaCry outbreak, corporate executives, IT professionals,...
 
Facebook Pages can be an essential tool for businesses and charities,...
 
Cybersecurity professionals have sounded the alarm for years, and they are...
 
CBC deserves full credit for exposing the presence of IMSI catchers...
 
Security professionals have an obligation to communicate risks and recommendations to...
 
Over the decades, technology has been grafted into governments around the...
 
In this episode, J. Richard Jones talks about being candid about...
 
Criminals have reportedly threatened to take over 250 million Apple accounts...
 
In this episode, hear more about how Canada is a prime...
 
While the incoming administration of President-elect Donald Trump is being buffeted...
 
In the world that we are living in today, free and...
 
The RCMP adopted a new media strategy earlier this month by...
 
What would tomorrow’s cybersecurity look like? That’s an intriguing question to...
 
Terrorism operates with deadly regularity. In June 2016, a gunman who...
 
Just as the federal government has begun consultations on cyber security,...
 
Efforts by the government to counter the radicalization of young Canadians...
 
Canadian healthcare organizations and businesses in the financial industry are the...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
The challenge is clear: a fast-paced industry pressures organizations to simultaneously...
 
As populations grow and age, the demand for services increases. As...
 
By Michael Murphy Not all assets can and should be equally...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Now more than ever, organizations in both the public and private...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
As the battle between the FBI and Apple continues to escalate,...
 
Please to view this Content. (Not a member? Join Today! )...
 
Meet Bob Heart.  He is an outstanding employee who works hard...
 
A new study released yesterday, Securing the C-Suite, Cybersecurity Perspectives from...
 
Please to view this Content. (Not a member? Join Today! )...
 
Please to view this Content. (Not a member? Join Today! )...
 
Yesterday, Ontario Supreme Court Justice John Sproat ruled that the Peel...
 
I wrote about accountability more than a year ago. Recently, a...
 
Intelligence agencies have had widespread and long-running programs to gather, analyze...
 
What concerns me is whether or not we’ve got the balance...
 
One of the consequences of the Information Age in which we...
 
In March of 2011, the east coast of Japan was rocked...
 
BYOD is hot! But is it for you? If yes, which...
 
Protecting critical infrastructure from cyber threats is the shared responsibility of...
 
In numerous interviews with senior military commanders over the past several...
 
In early February, James R. Clapper, the U.S. director of national...
 
The widespread adoption of mobile devices as enterprise-level tools is occurring...
 
CGE Vol.13 No.2 February 2007 Public security, once a task relegated...
 
CGE Vol. 14 No.4 April 2008 In recent years, policy makers...
 
L’univers de la sécurité des TI évolue rapidement. À mesure que...
 
The world of IT security is rapidly evolving. As quickly as...
 
Cyber attacks don’t have to look highly sophisticated. Hackers are purposely...
 
The announcement regarding the establishment of Shared Services Canada (SSC) was...
 
There was probably a day in spring of AD 72 that...
 
The changing face of public and personal privacy in the face...
 
What role should governments and public servants play in safeguarding personal...
 
Some title Some author
Some excerpt
 
Some title Some author
Some excerpt
Earlier this month I had the privilege of testifying as an...

Member Login

Forgot Password?

Join Us

Password Reset
Please enter your e-mail address. You will receive a new password via e-mail.