OTTAWA — Protecting electronic information and preventing cyber-crime can only be accomplished with public and private sector collaboration, the Ontario government’s chief information officer says.
At the Canadian IT Security Symposium held this week at the Ottawa Congress Centre, IT security
experts from around the world have come together to share ideas on everything from how to conduct business securely over the Internet to protecting against the risk of cyber-crime.
Ontario CIO Greg Georgeff spoke to symposium delegates Wednesday morning about the security challenges his government faces as it attempts to become a world leader in offering e-government solutions to the public.
Georgeff said that while people now expect more government services to be made available online and information to be more accessible, the public needs the assurance that private information remains secure and accessible only by those with proper authorization.
“Authentication is the point where security and privacy meet,” Georgeff said. Governments must turn to the private sector for authentication solutions, he added.
Georgeff identified Public Key Infrastructure (PKI) systems and biometrics, the identification of individuals using biological traits, such as those based on retinal or iris scanning, as authentication solutions that need to be improved by the private sector. He did not make any specific recommendations, however, about how these solutions can be improved.
New security enhancements such as biometrics are controversial, he added. Some members of the public argue this type of information collection could be exploited by governments as a way of compiling large amounts of personal information, and thus keeping a more watchful eye on citizens.
“We must ensure that security is not achieved at the expense of privacy,” said Georgeff. Proper legislation coupled with private sector creativity will accomplish this, he said.
The former U.S. ambassador to Canada, Gordon Giffin, addressed other challenges facing governments as they become more accessible to the public.
“Greater accessibility equals greater vulnerability,” Giffin said. Protecting electronic information from hackers and other forms of cyber-crime becomes more difficult, especially when government agencies have become increasingly interconnected.
The events of Sept. 11 have made the public more aware of security threats, even though threats to IT security have always existed, Giffin added. “But nothing motivates policy change like public awareness.”
Echoing Georgeff’s words, Giffin said a rational policy solution for the protection of electronic information can only be enhanced by both public and private sector participation.
The IT Security Symposium ends Friday.
Liam Gerofsky is an Ottawa correspondent for ITBusiness.ca.