BC Government’s cybersecurity practices found lacking by Auditor General

Hello Class,

I found this article in this morning’s Vancouver Sun. I personally find cybersecurity a prevailing issue that seems underemphasized in the public sphere unless a significant data breach has occurred. One that stands out is the privacy breach of personal health records of millions of Canadians that Lifelabs failed to protect in 2019. According to Michael Pickup, the auditor general’s report, management shortcomings are:
• policies and standards lacked specific guidelines for identifying and managing IT assets for the purpose of managing cybersecurity risks;
• cybersecurity roles and responsibilities were not clearly established, including those for managing IT assets; and
• inventories of IT assets and maps of organizational communication and data flows were incomplete and inaccurate

A cyberattack occurs every 39 seconds and data breaches exposed 8.4 billion records globally in the first four months of 2020. On a positive note, the auditor’s findings did exclude the Ministry of Education and the Ministry of Citizen’s services from these shortcomings.

Enclosed are links to the report and an article hosted by ‘Vancouver is Awesome’ webpage for anyone who is interested.

https://www.bcauditor.com/sites/default/files/imce/OAGBC_JAN_NR_FINAL.pdf

https://www.vancouverisawesome.com/bc-news/british-columbia-government-lax-on-cybersecurity-practices-auditor-reports-3275215

Leave a Reply