Canadian security professionals unsure about defenses, Ponemon study finds

A little over half of Canada’s IT security professionals aren’t very confident about their ability to defend against attacks – and 77 per cent of them aren’t getting the support they need from the C-suite to protect confidential data.

That’s according to a new survey from the Ponemon Institute on behalf of Websense Inc., a security solutions provider. Researchers polled 236 IT administrators in Canada to find out more about the challenges they face, as well as what’s keeping them up at night. Respondents had an average of nine years’ experience in the field.

Strikingly, 56 per cent of those polled said they don’t feel their organization is protected from hackers mounting advanced attacks. Another 59 per cent said they felt they had the power to stop confidential information from leaking outside of their organization, while 43 per cent said they felt they understood the scope of threats their organization is facing.

And most tellingly, 36 per cent said one or more significant attacks had hit them in the past year, though just 29 per cent said they were sure they had lost confidential data due to a cyber attack. Twenty-seven per cent said they didn’t know exactly hackers had stolen.

That doesn’t mean these companies don’t have security solutions installed – 39 per cent said they’ve equipped their organizations with security solutions. But even so, these respondents said they either know, or they’re unsure, that their solutions can’t inform them about the root causes of an attack. Another 47per cent reported feeling their intelligence isn’t enough.

However, it’s not just external attacks troubling these respondents. Internally speaking, 50 per cent of respondents said board-level executives at their organization have a below-average understanding of security. Plus, 77 per cent said they feel their executives don’t take data breaches seriously enough, failing to understand losing customers’ confidential data translates into lost revenue, as organizations need to report breaches, contact affected customers, do investigations, hire outside help, and so on.

While IT security staff definitely have a challenging job description, Ponemon researchers did have a few practical tips that may help. They recommend that IT departments invest in technologies that increase their visibility, so they can have a better sense of what kind of attempted attacks hackers are launching against their organizations.

Investing in better threat intelligence and real-time defenses is also a good idea. It also helps to establish a more comprehensive strategy for web, email, and mobile, instead of just narrowly focusing on just one of those channels, researchers said. And as always, educating employees to understand the risks of cyber attacks is key.

For the full report, as well as data on other countries, head on over here.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Candice So
Candice So
Candice is a graduate of Carleton University and has worked in several newsrooms as a freelance reporter and intern, including the Edmonton Journal, the Ottawa Citizen, the Globe and Mail, and the Windsor Star. Candice is a dog lover and a coffee drinker.

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs