Nearly half of Canadian businesses are hiring more technology professionals and spending a greater part of their budgets on security to deal with an ever growing amount of IT threats, according to a recent survey.
While a majority of respondents to the global poll reported “suffering damages” as a result of cyber attacks, overall organizations are getting better at fighting the war against cyber security threats, according to Symantec Corp. The anti-virus and data back-up software company conducted a survey of 3,300 businesses from various industries from across the globe. The companies involved had five to more than 5,000 employees. At least 250 or the respondents were based in Canada. The survey titled: 2011 State of Security Survey covers the months of April and May and has accuracy rating of 95 per cent with a +/- 6.2 per cent margin of error.
As much as 45 per cent of the respondents believe that cyber security is more important today that it was just a year ago, the survey found.
Apart from malware and cyber attacks, IT teams are also facing a lot of pressure from the proliferation of consumer oriented mobile devices now popping up in the workplace, according to Brian Duckering, a senior manager for Symantec Canada.
“It could be a new personal smartphone that an executive wants to have access to the corporate network, or the use of social media in the workplace, or tablet devices that are being rolled out to client-facing employees,” Duckering said. “These are all possible vectors of attacks that need to be protected.”
“But rather than curtailing or stonewalling bring your own device (BYOD) initiatives, organizations might be better off developing new methodologies and employing new tech tools to deal with the challenge,” he said.
While mobile computing, social media and virtualization are among the top trends that are a source of pressure on IT departments, the most critical threats to the enterprise continue to be: hackers; targeted attacks; and hacktivism, Symantec says.
As much as 62 per cent of the Canadian respondents were attacked in the last year. These attacks included malicious codes, social engineering and external malicious attacks. About 20 per cent of companies said the frequency of attacks went up by at least 25 per cent.
Ninety six per cent of those attacked said the losses they incurred from cyber attacks included production downtime and intellectual property and corporate data loss. As much as 77 per cent of those losses translate into actual cost such as productivity, revenue and litigation costs.
The survey found that as much as 20 per cent of Canadian businesses lost at least $274,600 as a result of cyber attacks.
Dealing with cyber attacks
Despite the numbers, Canadian businesses believe they are getting better at dealing with cyber attacks:
- 56 per cent they are attending to security attacks or breaches
- 52 per cent said they are addressing routine security measures
- 48 per cent are pursuing strategic security measures
- 48 per cent say they are in compliance with government and industry security standards
- 45 per cent said they are pursuing innovative and cutting edge security issues
The six areas of increase hiring for Canadian businesses are:
- Mobile security – 48 per cent
- Web security – 46 per cent
- Data loss prevention 44 per cent
- Network security – 42 per cent
- Private cloud security – 42 per cent
- Public cloud security – 42 per cent
The six areas of growing security expenditure for Canadian businesses are:
- Private cloud security – 38 per cent
- Data loss prevention – 36 per cent
- Mobile security – 36 per cent
- Web security – 36 per cent
- Virtual environments – 35 per cent
- Security systems management – 34 per cent
Shift in using technology
The last five years has seen a growing shift in the way people use technology, according to industry experts.
“We’re experiencing a sea change and the old school way of looking at technology is constantly being pitted against the new school use of technology,” said Brian Bourne, president of CMS Consulting Inc. and the co-founder of SecTor, the Canadian security conference.
“Majority of organizations want to find out what are the business value of these technologies and how to go about effectively deploying them,” he said.
Bourne, however, believes there’s no cause for undue alarm. “SMBs should not be worried about security although they shouldn’t be bothered about it.””There is just some much FUD (fear, uncertainty and doubt) in the marketplace,” he said.
Many businesses are at a loss on how to deal with security issues around cloud computing, according to Roberta Fox, principal of Fox Group Consulting, a Mt. Albert, Ont.-based telecommunications technology consultancy.
“My clients are always asking me about security and privacy of their data. Many are worried around the issue of data in the cloud, she said.
Fox also noted that there are a lot of interest about security issues around mobile devices such as tablets and the BYOD trend. She said many SMBs are asking about integration and management of mobile devices.
Clients are coming to us and we are finding out that many carriers are not equipped to help them with their BYOD issues,” she said.