BreachExchange mailing list archives
Poor data-breach tracking, reporting concerns federal privacy commissioner
From: security curmudgeon <jericho () attrition org>
Date: Wed, 26 Jun 2013 10:48:11 -0500 (CDT)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.calgaryherald.com/news/Poor+data+breach+tracking+reporting+concerns+federal/8571560/story.html By Jim Bronskill The Canadian Press June 24, 2013 OTTAWA - Canada's privacy czar has singled out several federal departments for their lacklustre approach to data breaches, citing a need for better reporting, security and tracking protocols. Privacy commissioner Jennifer Stoddart's office has compiled a preliminary list of agencies with potentially worrisome patterns when it comes to the loss of Canadians' personal information. The analysis is based on departmental figures tabled in Parliament in April in response to a question from New Democrat MP Charlie Angus. The response indicated there were more than 3,000 data breaches over a 10-year period affecting about 725,000 Canadians. Upon crunching the numbers, the privacy commissioner identified nine departments and agencies that may lack adequate reporting mechanisms, have faulty security procedures or require improved tracking protocols. Stoddart's staff cautions that the figures paint a statistical picture but do not shed full light on the kind of data involved in the breaches. [...] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges.
Current thread:
- Poor data-breach tracking, reporting concerns federal privacy commissioner security curmudgeon (Jun 26)