Canadian companies fear impact of security, privacy breaches: expert

TORONTO, Oct. 18, 2013 /CNW/ - Two recent reports indicate that 7 million Canadians have lost a whopping $3B to cybercrime last year. A large part of the identity theft, privacy and security breaches are due to failures of service providers and vendors to protect the personal information of customers, yet 94% of businesses say they have never experienced a data breach.

One of Canada's leading security practitioners says the problem is fear - and offers a surprising solution: outsource security to independent experts, but bind the relationship to a confidential service level agreement.

"Unfortunately, Canadians are in a tough regulatory situation. 42% of businesses say that they are not concerned about compromising the personal information of their customers, yet almost a quarter of Canadians continue to suffer serious losses." says Claudiu Popa, CEO of Informatica Security. "All those breaches are entirely avoidable. All remediation costs are entirely optional using standardized prevention".

Only a third of companies have a process in place to deal with security and privacy breaches. The studies, commissioned by Norton/Symantec and the Federal Privacy Commissioner appear to showcase a vast gap in awareness and accountability between Canadian individuals and businesses.

The recent Adobe and D-Link security issues further highlight the disconnect.

"97 percent of Canadians have stated categorically that they want to be notified of breaches involving their personal information. But since companies feel no pressure to comply, they may have a false sense of security" said Popa, a respected author and management consultant specializing in risk assessments for financial and healthcare information systems

As much as Canadians demand accountability, Canadian companies face a crippling fear of the RFC Triad: reputational, financial and continuity issues that can severely impact the operational course of their business, all the way to complete bankruptcy. The solution: preventive IT controls, certified employees and policy audits.

By demonstrating responsible data collection and protection practices, Canadian businesses not only "risk" delighting their customers but also to show how a negative experience can be used to grow their business. And that can only be a win-win situation.

About Informatica Corporation:

Informatica is Canada's leading management consulting company specializing in Information Risk Assurance-as-a-Service. The company provides standards-based assessments and certificates for employee awareness, IT systems, applications and policies.

The company awards one of Canada's most respected security trustmarks, the Statement of Trust™ to companies that demonstrate verifiable best practices. Its Verify™ Risk Assessment Framework conforms to global standards including Privacy by Design™, the Payment Card Industry's PCI-DSS and others.

Informatica's Certified Risk Advisors manage sensitive projects for Canadian businesses, associations and government agencies.

SOURCE Informatica Security Corporation

For further information:

Media Interviews & Commentary contact:

Claudiu Popa, Soundbites@SecurityandPrivacy.ca (Twitter @datarisk)
Informatica Corporation: www.SecurityandPrivacy.ca
1 Yonge St., Toronto, Canada
416-431-9012