Ann Cavoukian, the province of Ontario's Information and Privacy Commissioner, has pledged to determine how the personal information of a disabled Toronto woman reached the hands of U.S. Customs and Border Protection (CBP).
Canada's new anti-spam law, which was passed by Parliament in December 2010, will come into force on July 1.
A new, cutting-edge forensic evidence center in Toronto is protected by technology as advanced as scientists apply to their work inside its labs.
Data on a hard drive is not equal to the same material stored in a filing cabinet, according to the Supreme Court of Canada.
There are signs that indicate that in the year ahead, we will see more companies develop a proactive, strategic security program and supplant the traditional notion of "achieving compliance" as an equivalent to security.
Based on the increasing volume of data businesses now manage, and the growing capabilities of cyber criminals, certain scenarios will become commonplace in 2014.
Again, it's the time for the annual "doom and gloom" security outlook for the coming year. Understandable, when after a busy season of attacks it seems likely that next year will only bring worse.
I'm not a big predictions guy. I don't own a crystal ball, though I have been known to ask questions of my daughter's "Magic 8-Ball" on occasion. When it comes to enterprise IT, however, I do have some strong opinions about what 2014 will bring.
With this year's holiday season here, online retailers should be focused on preparing their networks for increased traffic as well as protection from cyber threats.
As if 2013 was not exciting enough in the world of cyber security, 2014 will continue to keep us on our toes.
We will not only see a new level of where the bad guys will target but how and what they are attacking, namely hardware. Here are the areas which deserve attention in 2014.
The use of two-factor authentication, along with advancements in 3-D camera and facial recognition technology, will soon come together as one.
The need for computer forensic examiners (aka "CFE") is on the rise.
BitDefender's Alexandru Catalin Cosoi discusses role and what he'd like to see occur in the security space.
December's threat of the month is domain hijacking, a popular attack technique that takes over major domains.
In this month's debate, experts discuss whether the biometrics on Apple's iPhone 5s will evolve the security of personal devices.
We must stop the insanity by focusing on the data and controlling privileged user access.
The right form of network security can - and will - support continuous monitoring and network security management initiatives.
Don't hang your hat on enterprise app store security, says Jack Walsh at ICSA Labs.
Like no other year before it, 2013 illustrated for the entire globe just how essential cyber security is to business endurance, economic durability and personal rights to privacy.
Information security personnel are challenged with protecting company reputation and enterprise and customer data from a constant and expanding barrage of cyber criminals.
A strong cyber threat intelligence program should include proactive analysis of network traffic, testing of theories based on our understanding of human behavior.
As long as we treat personal information as property, we are faced with an unavoidable dilemma. If we are data and data is property, then we may become property.
Canada's banking regulator has issued a set of cyber security guidelines for financial institutions, warning that banks must be on the lookout for online fraudsters.
Canadian lawmakers are seeking to legislate more oversight of Canada's secretive spy agencies, arguing that citizens don't know enough about what they're doing.
Canadian government agencies hit an all-time high for privacy complaints and data breaches this year, according to the annual report from the federal Privacy Commissioner.
One issue with password systems has always been the 'reset' problem: what to do when a user forgets their password.
The Tesla fire does not have anything to do with DDoS attacks, but there is one valuable lesson to be learned: Organizations could be better prepared to perform like a Tesla on fire when they face a DDoS attack.
The time and energy to optimize a service or process is often seen as an unaffordable luxury, says Jesse Bowling senior information security engineer, American University.
This month's threat of the month is the major zero-day vulnerability that affects Internet Explorer versions 6 through 11.
In this month's debate, we received a number of responses to our debate topic this month, which covers the NSA's attempts to crack encryption methods.
CSOs need to be able to function at the highest levels of an organization while not being tethered to a specific department or operational function.
The first step toward better protecting an organization is to learn how cyber attacks work.
We don't need to make the same mistakes of the first generation of PCs and servers, says the SANS Institute's John Pescatore.
Most agree, CISOs are at a crossroads now, says Illena Armstrong, VP, editorial, SC Magazine.
Using Big Data for security is the "new hotness," says Holly Ridgeway, SVP and CISO enterprise systems at PNC.
Why does the lure of the cloud tempt businesses to put ever more sensitive data at risk? Richard Moulds, VP of strategy at Thales e-Security examines the situation.
Since NIST has no regulatory or statutory authority to enforce its use, the Framework must include specific information and guidance that business leaders will want to follow.
Web attacks are a constant, known enemy of every organization. As we're currently in Cyber Security Awareness Month and web attacks are more frequent than ever, web security is in fashion.
In a perfect world, enterprises would know exactly when an auditor is going to show up, the questions they will ask, and data would be presented on a silver platter ready to prove the organization's compliance.
It's surprisingly easy for an attacker to set up a rogue wireless access point with open access and perform a MiTM attack, gaining access to a wealth of sensitive information.
Canadian mobile company BlackBerry has realigned its business to refocus on enterprise customers after losing almost a billion dollars in a single quarter.
Two controversial pieces of privacy legislation have been killed after Canada's prime minister prorogued parliament.
Ontarian regional municipality Peel admitted this week to losing the personal information of more than 18,000 people in a security breach.
Open source is growing in the enterprise, but oftentimes when people think of open source, they are concerned about the potential security issues.
This month we asked Gregory Gong, managing partner, Wall Street IT Management, about his job.
October's threat of the month allows for remote code execution vulnerabilities to affect Java prior to version 7 Update 25.
In this month's debate, experts discuss whether the Computer Fraud and Abuse Act is out of date, and if punishments are disproportionate to offenses.
By mining log data and managing it proactively - instead of ignoring it until something goes wrong - organizations can mitigate risk, ensure service availability and promote operational efficiency.
Targeted malware attacks are growing in number, sophistication and severity in the potential damage they can inflict on victims.
Cloud providers must be evaluated before moving operations, says the DTCC's Mark Clancy.
Still more revelations about National Security Agency (NSA) operations and practices that intrude on U.S. citizens' privacy and seemingly make a mockery of Constitutional rights have emerged, leaving both the general public and experts in the technology space reeling.
A major area of concern for security personnel these days is how we are able to achieve and maintain compliance with multiple regulatory governing bodies.
Information security is in place not only to make ourselves more resilient to threats, but to create a mutually established trust with which we can communicate with reasonably expected results.
Organizations are counting on information sharing measures that are so manually intensive, that they are unable to scale to meet critical computer network defense requirements such as speed and accuracy.
Canadian firm Bionym has launched a wearable device offering heartbeat-based biometrics.
Ontario Privacy Commissioner Ann Cavoukian has introduced a policy that she says will allow privacy and counterterrorism surveillance to exist in harmony.
Canada's Royal Canadian mounted police swooped on a data center in the Burnaby, BC area this month, seizing computers that they say may be linked to a $500 million botnet.
The methods that attackers are using continue to evolve in terms of sophistication and sheer cleverness.
September's "Me and my job" features Geoff Linell, group CIO for Celerant Consulting.
September's threat of the month is the Android master key vulnerability, which can bypass signature verification to gain full system-level access.
A number of experts weighed in on this month's debate concerning a statement from DefCon founder Jeff Moss that feds should stay away from DefCon.
There are a few key things every business should consider to truly improve data security.
There are serious risks involved when dealing with phishers.
Robust enterprise security requires more than checking compliance boxes, says Diebold CSO Adam Williams.
The power of information as a commodity only continues to deepen as it satisfies so many disparate needs and wants.
We CISOs and CSOs are the generals in the global cyber war. If you haven't thought about your role in these terms, then you are ripe for ambush.
The latest version of the payment security industry's data safeguarding standard should also include mandates and guidance around risk management, penetration testing and mobile.
IT security professionals must learn to identify trustworthy and reliable products and vendors. But keep in mind, no matter how objectively certified a product may be, if the vendor has a poor reputation, the product will lose credibility.
It used to be that organizations were concerned about migrating their data to the cloud out of fear of hackers or disgruntled insiders. But Edward Snowden's NSA leaks show there's a new threat actor: the government. Encryption can help.
A federal member of Parliament supports Britain's plan to legislate opt-in permission to view pornographic websites, and said she would like to see a similar program in Canada.
While maintaining that his company's Glass product is still in its developmental stage, Google's global privacy counsel, Peter Fleischer, has assured four of Canada's privacy commissioners that the concerns they and others expressed are unfounded.
A tragic cyber bullying case has led the province of Nova Scotia to take unprecedented steps—including both criminal and civil action—to interrupt aggressive online activities.
While CISOs are security leaders, there are different areas that they need to specialize in depending on the culture of the organization they serve.
Federal agencies tasked with Americans' safety can find other ways to fulfill their duties without stomping all over the U.S. Constitution and Bill of Rights.
This month's "Me and My Job" features Sasan Hamidi, CISO at Interval International.
Malware is increasingly being created for tablets and smartphones, and that is our threat of the month.
In this month's debate, two experts discuss whether security training is an effective strategy in the workplace.
Managing privacy is moving toward collaboration, communication and education, says Ernst & Young's Sagi Leizerov.
Organizations today have a master data model to drive efficiencies in system design. How about a similar approach for the enterprise security program?
As the Edward Snowden affair continues to make headlines around the world, there are ways organizations can bolster their security strategy to ensure they're not the next target.
Spamhaus seems to be shrouded in mystery, and rightly so. There is a lot of misinformation out there regarding the service. But, there's one thing I'd like to clear up. Hint: It's all about the approval.
The Province of Ontario's 8.5 million voters may have the option of casting their ballot online in the coming decade, making it the largest jurisdiction in the world to introduce voting by internet.
More than half of C-level executives surveyed in large Canadian companies do not educate employees about data security, storage and destruction.
Canada is becoming increasingly attractive to foreign companies and governments that are looking to establish a virtual base from which to launch cyber attacks.
For the second time in four years, BlackBerry faces sanctions from the government of Indonesia, one of the smartphone maker's most important markets.
There is increased demand for defensive-minded security pros with the ability to manage perimeter security technologies. These roles can be found in security teams that manage their own infrastructure.
For this month's "Me and My Job" we speak with Stephen Fridakis, senior IT security officer for the Food and Agriculture Organization of the United Nations.
As journalists come under attack from the government, an encrypted online dropbox co-created by the late Aaron Swartz can ensure anonymity.
July's "threat of the month" is SCADA "sport fishing," which could enable attackers to manipulate a water supply and make it undrinkable.
Experts in this month's debate discuss Java. Is it time to stop using the popular software?
Our educational institutions continue to set the pace in BYOD.
There is no doubt that threats have evolved from vandalism and hobby-based malware to financially motivated crime and now state-sponsored espionage and attacks against government and enterprise targets around the world.
To defend against evolving threats, prepare and maintain vigilance, says DTCC's Parthiv Shah.
Targeted attacks are easy and cheap, but not always anonymous, says Norman ASA's Snorre Fagerland.
There's a larger story than Edward Snowden, the 29-year-old whistleblower who released classified documents that contained details about the NSA's massive surveillance of U.S. citizens.
Cyber attacks continue to grow and evolve in sophistication. Consequently, it's sometimes difficult to tell who the good guys are when everyone is in the game.
Cloud computing services and social networks are pushing data to external networks, but mobile devices are circumventing corporate networks entirely.
As security threats continue to grow in numbers, the burden will fall on colleges and universities to better prepare the next-generation of information security workers.
There are five common traits that are commonly found in the truly innovative CISOs in the industry.