http://www.theglobeandmail.com/commentary/editorials/article4632711.ece By The Globe and Mail Oct. 23 2012 Even bankers no longer observe bankers’ hours. So it is disconcerting to learn from Canada’s Auditor General that employees at a centre in Ottawa responsible for monitoring cyber risks and alerting the government and private sector to threats to critical infrastructure adhere to an 8 a.m. to 4 p.m. weekdays-only routine. Were it only the case that cyber criminals, spies and hackers kept such a predictable schedule. The Canadian Cyber Incident Response Centre (CCIRC) is so low profile that many businesses are unaware of its very existence. In fact, apparently some federal government departments are too. When hackers traced to China succeeded in penetrating Treasury Board and Finance Canada’s systems in January, 2011, the centre was not even notified by the affected departments until more than a week later, according to the report released Tuesday. Despite a decade of plans and promises to do better, the report found that only “limited progress” has been made in improving security of crucial networks. Ottawa announced last week it would add $155-million over five years to strengthen the centre’s capacity – and this is welcome news. Last year, it made the Communications Security Establishment Canada officially responsible for reducing cyber threats against the government. Clearly more vigorous safeguards are needed, not least of them an evening shift at the CCIRC, but also better coordination among government agencies, and a higher level of rigour and surveillance around information technology security. [...] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.orgReceived on Tue Oct 23 2012 - 22:40:43 PDT
This archive was generated by hypermail 2.2.0 : Tue Oct 23 2012 - 22:41:22 PDT