IT security lacking in best practices

THE NEED FOR BEST PRACTICES KNOWLEDGE WAS IDENTIFIED by 16 per cent of respondents as the top IT security challenge affecting organizations today, according to a recent survey of 322 IT security professionals, undertaken by the Canadian Advanced Technology Alliance in partnership with Microsoft. Coming in a close second was data protection, cited by 15 per cent of respondents, followed by access management, cited by 13 per cent.

“The lack of best practices being one of the primary challenges was certainly one we weren’t anticipating when we started this study,” said Kevin Wennekes, CATA’s vice-president of research. “We knew it would be an issue, but for it to be identified at the top as an overarching challenge came as a bit of a surprise to us.”

Also surprised was Francis Ho, executive officer at the Federation of Security Professionals in Toronto, who expected both data protection and access management concerns to rank higher than best practices.

“It’s certainly a surprising result because there’s so much information out there, with a lot of good server hardening guides to be found all over the Internet,” Ho said. “Data protection is one that should definitely be high on the list as everybody is concerned about information leaving the organization today. In the old days, everything used to be paper-based but now you can make a copy of a file and port it off to your iPod Nano without a trace.”

Another finding indicated that IT security professionals believe that their organizations don’t put enough emphasis on IT security challenges and often react after the problem arrives on their doorstep.

“I see a lot of basic processes like simple hardening of servers that still isn’t being done as the norm, so while some organizations get it, many others don’t,” Ho said. “Larger organizations tend to understand security better and it also depends on the industry.”

To address these issues, CATA recommended that the industry develop industry-wide best practices, establish a research series of IT security professional perspectives reports, undertake a study to determine the value of an IT security skills set, and work to define Canada’s global IT security brand.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now