Data lost or breached at 82.5 per cent of government IT systems in Canada

Government IT managers in Canada are over-confident and reactive rather than proactive when it comes to protecting public data from security threats, a new study suggests.

Although 97.5 per cent of government IT security softwaredecisionmakers say their systems have been exposed to some sort of directsecurity threat or challenge in the past year – and 82.5 per cent havesuffered a data loss or breach in the sameperiod — 80 per cent ofthem still feel “confident” or “very confident” about their ability toprotect mission critical data.

Leger Marketing surveyed 40 randomly selected IT managers responsiblefor security software decisions at the federal, provincial andmunicipal government levels. They were polled in February for securitysoftware vendor McAfee Canada.

“I think there’s some reason to be tightening things up. Thirty percent have lost confidential information. That’s a fairly significantnumber,” said Doug Cooke, director of sales engineering at McAfeeCanada.

Another 30 per cent said they were subject to a privacy investigationas a result of a data loss or breach within the 12-monthperiodinvolved.

In addition to a disconnect between the confidence level of governmentIT security personnel and the actual reality of the threats they’veexperienced, the study also found the respondents to be reactive ratherthan proactive when it comes to security issues. Over half (57.5 percent) said they spent more time responding to security threats andrecovering from them after the fact than on identifying risksbeforehand.

Social media, BYOD threats
Social media and bring your own device (BYOD) trends are also creatingnew security headaches for government IT systems. Even though 62.5 percent allow employees to access social media sites from work, 56 percent of those permitting it believe it increases their risk of threats.And while 40 per cent let staff use personal devices for work, only 25per cent of those allowing the practice have a BYOD security policy inplace.

“(BYOD) is an increasing concern (that’s) probably not as big as thetargeted attacks … but it’s a growing area that needs to beconsidered,” Cooke said. “The amount of malware in newer Androiddevices that are coming out is much less and it’s not as sophisticatedas it is in the classic Windows environment. But (mobile) devices arenot protected as well as traditional Windows devices.”

McAfee also made recommendations for IT security managers at all threelevels of Canadian government:

–    move towards creating a nationalmechanism to share security information and knowledge across variouslevels and departments of government as well as with the private sector
–    increase awareness around the movementand protection of data
–    move more quickly to respond and adaptto changing technology trends, such as BYOD and social media, sogovernment can develop security strategies to deal with them

Christine WongChristineWong is a Staff Writer at ITBusiness.ca. E-mail her at cwong@itbusiness.ca,connect on Google+,follow her on Twitter,and join in the conversation on the IT BusinessFacebook Page.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Christine Wong
Christine Wonghttp://www.itbusiness.ca
Christine Wong has been an on-air reporter for a national daily show on Rogers TV and at High Tech TV, a weekly news magazine on CTV's Ottawa affiliate. She was also an associate producer at Report On Business Television (now called BNN) and CBC's The Hour With George Stroumboulopoulos. As an associate producer at Slice TV, she helped launch two national daily talk shows, The Mom Show and Three Takes. Recently, she was a Staff Writer at ITBusiness.ca and is now a freelance contributor.

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.