OTTAWA – Data breaches are fast becoming an unfortunate commonplace in the news cycle, whether the root cause is a result of well-funded state-sponsored attacks, hackers, malware unknowingly being installed by an end-user, or the result of malicious intent by an insider to gather and share private information for profit.
Organizations across the public and private sector are increasingly collecting and using sensitive data across a multitude of disparate and distributed databases housed by many external entities, creating the need for stronger protections against data breaches and malicious access. Today’s methods for performing analysis and supporting decision-making processes are fast evolving to require data inputs from an ever broadening set of disconnected, disparate national, regional and global data sources across an unlimited number of databases.
In response to increased risks associated with accessing data, the CIO Strategy Council’s data governance technical committee is developing minimum requirements and a set of privacy controls for third-party access to data applying to all organizations, including public and private companies, government entities, and not-for-profit institutions.
The committee is comprised of over 100 experts cutting across industry, government, academia and civil society.
“The digital ecosystem is changing, and with it, so is how our data is used, accessed and monetized,” said Keith Jansa, Executive Director, CIO Strategy Council. “The proposed standard will help establish benchmarks that can safeguard organizations from internal and external issues concerning their data access and privacy in third-party interactions.”
The public at-large, including policy-makers, regulators, and business, are invited to review and comment on the draft standard.
“This draft presents a peer-reviewed and thorough approach for securing remote access to corporate networks. This is truly a prescription which, when followed, allows companies to trust remote and third-party workers to access their most trusted data assets, a trend which is sure to increase in necessity in the near term,” says Paul Vallée, CEO of Tehama Inc., and member of the CIO Strategy Council.
The review period ends on December 9th, 2019. Further information is available here.
About CIO Strategy Council
The Council Strategy Council (CIOSC) provides a forum for Canada’s most forward-thinking chief information officers to focus on collectively transforming, shaping, and influencing the Canadian information and technology ecosystem. The Council has deployed a nationally-accredited, agile, and consensus-based standards-setting process that matches the speed of innovation and advancement in ICT. Learn more at ciostrategycouncil.com.
CIO Strategy Council