Canadian companies are at high risk for data breaches

According to a Statistics Canada report, 56% of the respondents said they believed threats sometimes fall through the cracks.

Findings reveal that 6% of the private Canadian enterprises experienced an internet security breach in 2013. About one-quarter of those reporting a breach (about 260 companies) said client or proprietary information had been corrupted, stolen or accessed without authorization.

In Canada, there is no federal law that requires private companies to disclose breaches to the government or those affected. That may change with Bill S-4, the Digital Privacy Act, now before Parliament. The act proposes making it mandatory for federally regulated businesses, as well as federal government agencies, to report significant breaches to the federal privacy commissioner and to customers and clients whose private information was leaked.

A report conducted by the Ponemon Institute reveals that 36% of the Canadian companies had experienced one or more cyber-attacks in 2013, which infiltrated networks or enterprise systems.

Also, 89% of the Canadian respondents said they know another security professional whose company had sensitive or confidential data stolen as a result of an inside threat, while 23% of the Canadian cyber security teams never speak with their executive team. Of those who did, nearly half did so only annually or semi-annually, while only 2% talked weekly with executives about security.

Canadians credit and debit cards, for instance, use computer chips and passwords that are more secure than the magnetic stripes still used commonly in the US. That means criminals are more likely to target transactions where card information is entered without a physical contact.