Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Sunday, March 10, 2013

Canadian businesses are resigning themselves to being hacked: study - Canadian Business

Canadian businesses have set themselves up to be hacked, and a new study has found that some companies believe that it’s almost inevitable they’ll fall victim to a security breach. Telus and the Rotman School of Management at the University of Toronto says its annual study on IT security found a “pervasive sense of vulnerability” at many corporations. “Security managers are not very confident that they can identify whether a breach actually occurred or whether they’re actually in the midst of a current breach,” said Walid Hejazi, a professor of business economics at Rotman.

In one of the interviews, a chief information officer for a large company, told Hejazi that when he was hired, he laid it out for his bosses. Hejazi said the findings are reminiscent of the troubles that former technology giant Nortel Networks faced when international hackers broke into its corporate computers and accessed information for nearly a decade. The Nortel security breach gave hackers “plenty of time” and “access to everything,” according to 19-year Nortel veteran Brian Shields, who was behind a six-month investigation into the security breach that is believed to have started in 2000, but was only made public in 2012.

Hejazi said that organizations that operate with a “Yes” mentality, or are open to discussions with their staff about how to use technology responsibly, are more secure than companies with rigid security controls.  Even an attachment file can directly lead to a security breach, or using free public computers at a conference in another country that has keylogging spyware installed.


Posted on 03/10