Cyber security expert says officials should acknowledge mistakes in portal breach

A cyber security expert says it's important for the province and its officials to acknowledge its mistakes over the recent data breach.

Ajay Sood's comments come after Nova Scotia's chief information security officer lambasted the media over its reporting of the breach.

Sood is the vice president of Symantec Canada and says the province needs to be held accountable to its constituents over the recent breach of its freedom of information web portal.

Recently, the province's Chief Information Security Officer Robert Samuel took to Linkedin to pan the media over its coverage, calling it sensationalized and biased.

Sood believes that is the wrong approach to take.

“Having the hubris to say 'don't lambaste the province for not taking adequate control' probably isn't the most progressive way to approach a breach,” Sood said. “I prefer to approach it with a little more humility to be a little more honest.”

He goes on to describe the safeguards for citizen data “weak at best”, and adds that the recently passed data privacy act lacks teeth.

Sood says the province's current system has many vulnerabilities and the only way to keep on top of them is continuous vigilance.