The recent security breach to the federal government’s online employee payment system is hardly a surprise considering the public sector has, for an extended period of time, endured criticism regarding its flimsy security procedures, said one analyst.
Last week, the federal government’s online employee pay system, called the Compensation Web Application, suffered a security breach that resulted in the loss of privacy of the compensation information for eight account holders. The self-service system, used by all departments, was shut down upon discovery of the attack.
Warren said the breach illustrates the lack of an overarching strategy and clear vision for the entire government’s IT infrastructure, of which security is just one component. “It is the whole backbone of the government … IT stores all the information of citizens, employees and ministers,” said Warren.
On the topic of government IT security, Warren remarked that the meagre $90 million the Conservative government is committing toward cyber security is “really a drop in the bucket” compared to other countries, such as the U.K., that are allocating the equivalent of $1 billion.
But regardless of the political party in power, Warren said cyber security must be a long-term investment.
While servers based in China were used to route the attacks, it is not clear whether the assault actually originated from China itself. Chinese officials denied the attack. Prime Minister Stephen Harper responded that there will be a strategy to evolve government systems.
Following the attack on the Treasury Board and Finance Department, one security expert pointed out that such a strategy should include a cyber security leader or advisory board that spans all government agencies.
Follow Kathleen Lau on Twitter: @KathleenLau