Lifestyles Breaking News

The Canadian Press - ONLINE EDITION

Canadian businesses are resigning themselves to being hacked: study

By: David Friend, The Canadian Press

Thursday, Mar. 7, 2013 at 6:22 PM | Comments: 0

TORONTO - Canadian businesses have set themselves up to be hacked, and a new study has found that some companies believe that it's almost inevitable they'll fall victim to a security breach.

Telus and the Rotman School of Management at the University of Toronto says its annual study on IT security found a "pervasive sense of vulnerability" at many corporations.

"Security managers are not very confident that they can identify whether a breach actually occurred or whether they're actually in the midst of a current breach," said Walid Hejazi, a professor of business economics at Rotman.

He said the findings suggest Canadian companies are operating with "a false sense of security."

The fifth edition of the study, released Thursday, used qualitative evidence to back up past quantitative reports. Instead of compiling hard numbers, it relayed anecdotes from various industries around the country.

In one of the interviews, a chief information officer for a large company, told Hejazi that when he was hired, he laid it out for his bosses.

"I told senior management that we will be breached within the next 18 months, so get over it now," the report quotes the unnamed senior executive as predicting.

The executive declined to offer further comment when asked if a breach actually occurred.

Hejazi said the findings are reminiscent of the troubles that former technology giant Nortel Networks faced when international hackers broke into its corporate computers and accessed information for nearly a decade.

The Nortel security breach gave hackers "plenty of time" and "access to everything," according to 19-year Nortel veteran Brian Shields, who was behind a six-month investigation into the security breach that is believed to have started in 2000, but was only made public in 2012.

Corporate hacking can be motivated by international espionage to "hackivist" groups like Anonymous who are working for a specific and often very public cause.

Hejazi said that organizations that operate with a "Yes" mentality, or are open to discussions with their staff about how to use technology responsibly, are more secure than companies with rigid security controls. Employees who become frustrated with exceptionally tight security will find ways around it, he said.

But he noted that hacking dangers can lie in many unsuspected places. Even an attachment file can directly lead to a security breach, or using free public computers at a conference in another country that has keylogging spyware installed.

"You just open the door to your organizations when you use those kinds of assets," he said.

Rate this
This article has not yet been rated.

We want you to tell us what you think of our articles. If the story moves you, compels you to act or tells you something you didn’t know, mark it high. If you thought it was well written, do the same. If it doesn’t meet your standards, mark it accordingly.

You can also register and/or login to the site and join the conversation by leaving a comment.

Rate it yourself by rolling over the stars and clicking when you reach your desired rating. We want you to tell us what you think of our articles. If the story moves you, compels you to act or tells you something you didn’t know, mark it high.

Sort by: Newest to Oldest | Oldest to Newest | Most Popular 0 Comments

You can comment on most stories on brandonsun.com. You can also agree or disagree with other comments. All you need to do is register and/or login and you can join the conversation and give your feedback.

There are no comments at the moment. Be the first to post a comment below.

Post Your Comment

The Brandon Sun does not necessarily endorse any of the views posted. Comments are moderated before publication. By submitting your comment, you agree to our Terms and Conditions. New to commenting? Check out our Frequently Asked Questions.