|
Canadian firms slow to adopt adequate security - expert suggests explanation, solutions
Security expert notes the top excuses cited by businesses to avoid adopting secure practices. Also suggests solutions.
Individual employees and managers are not to blame for the poor degree of security protection among Canadian companies. According to Claudiu Popa, a Toronto-based business information security advisor, companies are placing more of their valuable information at risk than ever before instead of implementing protective strategies. "Every time a business creates an interactive web site or connects another computer to the
Internet, the risk to that organization increases". According to Popa, the reasons for the relative lack of concern are:
| | - Lack of management understanding - dependence on the IT department to "just take care of it'
- Complacency - why should we be the ones spending money on security?
- Challenging ROI calculations for security budgets
- Perceived complexity too high - businesses are looking for all-in-one solutions
- Desensitization - too many security alerts in the news
|
"Many Canadian firms resisting even a basic security audit - the first step towards secure practices - are like men with chest pain. They won't see a doctor for fear of what they'll discover".
There are new vulnerabilities being discovered every day, along with the invention of new types of attacks and overall, all organizations are equally at risk. The best ways to protect your business are to seek leadership in enforcing detailed security policies and to spread organizational awareness. An excellent way for non-IT managers and employees to stay informed is to read the Information Security Bulletin, a popular electronic newsletter published by Claudiu Popa that addresses news and threats without hype or advertising.
For further information: or to subscribe to the Information Security
Bulletin: Claudiu Popa, Business Information Security Advisor:
Claudiu@info-corp.com, (416) 431-9012
|
