Over the past decade, the City of Toronto, like other large organizations, has increasingly conducted business and key operations online in a networked environment. This makes operations more efficient and serves citizens better.
The purpose of this report is to communicate security incidents that occurred at a City division and a City organization and to highlight the importance and urgency for the City to have a standard incident management process developed and implemented across City divisions and its agencies and corporations.
A standard incident management process will enable the Chief Information Security Officer (CISO) to analyze these attacks and develop a coordinated response to any potential cyberattacks. This will enhance City-wide cybersecurity.
In a 2019 Report for Action, the Auditor General highlighted the importance and urgency for the City to develop a standard incident management process and implement it across City divisions, agencies and corporations.
We have made additional recommendations in one other report entitled “Information Technology Projects Implementation: Information Privacy and Cybersecurity Review of Human Resource System” that is also being tabled at the February 16, 2021 Audit Committee.
The attached confidential report provides more details on the nature of the incident and management actions. The work performed in relation to this report does not constitute an audit conducted in accordance with Generally Accepted Government Auditing Standards (GAGAS). However, we believe we have performed sufficient work and gathered sufficient appropriate evidence to provide a reasonable basis to support our observations and recommendations.
This public report contains two administrative recommendations. The confidential information and recommendations are presented separately from this report in Confidential Attachment 1. The confidential report will be made public at the discretion of the Auditor General after discussion with the appropriate City Official.
Reason for Confidential Information
This report involves the security of property belonging to the City or one of its agencies and corporations.
The attachment to this report contains information explicitly supplied in confidence to the City of Toronto which, if disclosed, could reasonably be expected to impact the safety and security of the City and its services.