While far from the top of the world when it comes to the impact of IT data breaches, Canada still experiences its fair share of the problems they create. Recent reports indicated that over 276,000 records were breached in reported incidents in 2014. 
Of course this clearly is not the total extent of the issue as not all events will be reported or captured in the stats if your data is one of the records affected by these incidents and it gets used inappropriately as a result then the issue becomes much more significant than the aggregate story may be. In a recent article covering the release IT World Canada reports that the types of organizations affected is broad and involves both private sector and public sector incidents. The data referenced only reflects publicly reported breaches so any which were handled in house and not reported would not be reflected in the numbers shown.
Data security of all types is one of the biggest challenges what IT departments face as more and more information is captured about customers and while more and more online transactions occur. The sophistication levels of software and procedures are improving but there still is a need to increased effort to ensure that data is held securely as was seen when even knowledgable agencies still experience issues as reported by the Canadian Privacy Commissioner last year.
Wondering how Canada ranks? The report shows that Canada ranks as 23rd on the international scale of data incidents, which is pretty good relatively. Of course being much lower than that would be even better. It will be interesting to see what the impact of impending legislation requiring the reporting of data breaches will be once it comes into place.
As might be expected retail industries lead the world in the volume with just over fourty percent of the total amount related to this sector. What is also interesting to note in the data reported is that fully twenty five percent of the breach volume is created due to accidental loss. Taking steps to avoid this type of problem is something that any business can take so the payoff would appear to be significant if some effort is taken.
Of course the Canadian experience is not as bad as those of many other countries but being complacent due to not being too bad is not a great way to deal with this type of event. Even one single data breach could be significant or disastrous for the organization or for the people who's information is affected.
Lessening the risk of data loss and putting proper security and procedures into place to protect all important company data is an effort worth taking and one which can help avoid many more consequences.
Lee K
