The Alberta Government is woefully underprepared to protect the personal and private information of Albertans. Join me in calling on the Government to immediately implement industry best practices to ensure that your information is safe and secure from cyber threats.

Read my white paper here: thomasdang.ca

We must do three things to prepare Alberta and its citizens for this emerging cyber threat landscape.

1.       Establish an Information Security and Cyber Defence Office.

We need a coordinated and specific office that is focused on ensuring the security and defence of our digital infrastructure. Although the Office of the Information and Privacy Commissioner deals with breaches in data, it does not have the expertise or mandate to provide technical analysis and defence for Government infrastructure. The practical implementation of defence in depth should be coordinated by an office that can solely focus on protecting our digital records.

2.       Establish a Government of Alberta Vulnerability Disclosure Program.

Vulnerability disclosure should be encouraged and rewarded. The Government of Alberta must immediately establish a set of guidelines for responsible testing, disclosure, or other security incidents for developers and security professionals. The program may include going so far as to provide a Vulnerability Reward Program, such as the standard “bug bounties” that are provided by Information Technology (IT) companies. [3] It is all too common for vulnerabilities to go unreported due to fear of repercussions.

3.       Provide a “State of the Information Infrastructure” Report.

The Government of Alberta must regularly provide a report into its IT infrastructure. Security through obscurity is not security at all. Instead, a thorough and proper assessment of our public IT infrastructure that outside analysts and professionals can critique offers the best chance of success in modern cyber defence. Included in this, there must be after-action disclosure reports where breaches are found or vulnerabilities exposed.