Reporting of security incidents ‘credibility issue’

The Canadian government must take a more active role in setting standards and creating a culture of transparency around IT security, Canadian Advanced Technology Alliance says. A CATA survey of 300 firms shows an industry that is closing the traditional divide between IT security and its physical

counterpart. IT security also shows surprising strength despite the industry-wide slump: 85 per cent of respondents said their business has increased this year.

“”There’s been a crisis, but not as big as the rest of the IT sector,”” said Jean-Guy Rens, a CATA executive director who complemented the survey with a series of one-on-one interviews.

Rens says the government should encourage enterprises to report security breaches as a general good business practice. It’s becoming an obligation in the U.S.

Craig Heldson, national principal with IBM Canada’s security and privacy testing group, points to a recent law in California requiring companies to notify all their customers when security has been compromised.

“”How are you going to notify three million people?”” he says. “”The postage alone will kill you.””

Nevertheless, Canada is likely to move in a similar direction, Heldson says, so businesses should start reporting incidents now.

Bank of Montreal chief information security officer Robert Garigue agrees. He says transparency is a credibility issue. And while government-mandated security audits could prove expensive, they’re necessary. “”What kind of plane would you like to fly on — a regulated one or an unregulated one?”” Garigue asks.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Shane Schick
Shane Schick
Your guide to the ongoing story of how technology is changing the world
Previous article
Next article

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs