Toronto, ON (February 18, 2011)
–"While it is too soon to determine the full extent
of damages caused by the recent cyber-attack against the Government
of Canada, it is not too early for businesses and the public to
learn the important lessons which this incident provides" says
chartered accountant and computer security expert Jerrard Gaertner.
"We may never know if there were actions which could have been
taken to entirely prevent this disquieting breach of security. We
do know, however, that there were things that could have been done
to make the hacker's job more difficult, at the very
Asked what might have been done better, Gaertner replied:
"As far back as 2002 and then again in 2005, the Auditor
General reported concerns regarding Canada's cyber-security
preparedness. The AG identified a number of issues including
out-of-date standards, the need to improve security monitoring,
insufficient security testing and poor security awareness training.
While progress has definitely been made in these areas since 2002,
cyber-security risks have increased even faster, meaning that at
the end of the day, the government may be farther behind than it
was ten years ago!"
"Add to this the fact that Canada is estimated to spend
approximately $0.50 per person per year on federal government
computer security initiatives, while the US spends closer to $6.00
per person per year and you begin to understand just how far behind
we may have fallen,"
"The lessons for both the government and the private sector
Pay close attention to your computer security and the
protection of your data or you may find your systems and records
Address known vulnerabilities and weaknesses aggressively and
on a timely basis. It is hard enough to deal with new threats as
they arise, let alone new ones and old ones at the same time.
Recognize the value of your information and the potential
cost/loss arising from a security breach. Resource your computer
security function accordingly.
Security is expensive – a compromised system is even
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).