First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Privacy Commissioner examines cyber security

The increasing cyber security threat continues to raise a series of privacy risks for organizations. The Office of the Privacy Commissioner of Canada (OPC) has been regularly focusing on cyber security in letters of findings and guidance and, most recently, in a report, entitled “Privacy and Cyber Security: Emphasizing privacy protection in cyber security activities”.

The OPC’s report examines the interrelationships between cyber security and privacy, and discusses a number of common challenges for cyber security and privacy, including:

  • The complexity of electronic, interconnected networks
  • Increasingly sophisticated cyber threats and the “professionalization” of hacking
  • Threats to mobile devices, which are closely tied to individual users
  • The challenge in the Big Data context
  • Ensuring breach preparedness is a greater priority
  • Encouraging effective, dynamic risk management instead of “check the box” compliance

The report also considers recent policy developments, including the tension between privacy protection and national security, and the global nature of cyber governance. The report concludes with recommended policy directions in which privacy protection could in the future support and augment cyber security:

  • Building privacy values into the development of cyber security policy
  • Legislative approaches the incentivize cyber security preparedness
  • Facilitating a broader dialogue on cyber security which acknowledges the importance of privacy, trust and responsible data stewardship

By Adam Kardash and Eric Morgan, Osler, Hoskin & Harcourt LLP

Occasional Contributors

In addition to our regular guest bloggers, Inside Internal Controls blog published by First Reference, provides occasional guest post opportunities from various subject matter experts on the topics of risk management and best practices in finance and accounting, information technology, environmental issues, corporate governance, sales/marketing and operations, not-for-profits and business related issues in Canada. If you are a subject matter expert and would like to become an occasional blogger, please contact Yosie Saint-Cyr at If you liked this post and would like to subscribe to Inside Internal Controls blog click here.

, , , , , ,

Comments are currently closed.