Aug 22, 2014
Canadian companies are at high risk for data breaches
Canada – More than one-third of Canada’s IT professionals have had a significant data breach in 2013 that could put their clients or their organizations at risk, a recent study shows.
According to a Statistics Canada report, 56 per cent of the respondents said they believed threats sometimes fall through the cracks.
Findings reveal that six per cent of the private Canadian enterprises experienced an internet security breach in 2013. About one-quarter of those reporting a breach (about 260 companies) said client or proprietary information had been corrupted, stolen or accessed without authorization.
In Canada, there is no federal law that requires private companies to disclose breaches to the government or those affected. That may change with Bill S-4, the Digital Privacy Act, now before Parliament. The act proposes making it mandatory for federally regulated businesses, as well as federal government agencies, to report significant breaches to the federal privacy commissioner and to customers and clients whose private information was leaked.
A report conducted by the Ponemon Institute reveals that 36 per cent of the Canadian companies had experienced one or more cyber-attacks in 2013, which infiltrated networks or enterprise systems.
Also, 89 per cent of the Canadian respondents said they know another security professional whose company had sensitive or confidential data stolen as a result of an inside threat, while 23 per cent of the Canadian cyber security teams never speak with their executive team. Of those who did, nearly half did so only annually or semi-annually, while only 2 per cent talked weekly with executives about security.
Canadians credit and debit cards, for instance, use computer chips and passwords that are more secure than the magnetic stripes still used commonly in the US. That means criminals are more likely to target transactions where card information is entered without a physical contact.