While overall security breach numbers are down, rise of mobile computing
and sophistication of attacks bring new concerns
TORONTO, Nov. 15, 2011 /CNW/ - One-in-three IT security attacks seek
financial gain, according to TELUS and the Rotman School of
Management's fourth annual study on Canadian IT security, released
The study surveyed more than 600 Canadian IT professionals across
government, public and private sectors, allowing TELUS and Rotman to
provide enhanced clarity on the Canadian security landscape, especially
as it relates to emerging trends in breaches, threats and preparedness.
"After four years of study, we are noticing an alarming trend toward
attacks that are becoming more targeted, focusing on specific
individuals and their data for financial gain," said Yogen Appalraju,
vice-president, TELUS Security Solutions. "These attacks are also
reported less frequently, as they are much harder to detect and
ultimately pose even greater risks. Organizations need to make
continued, proactive investment in security to manage how breaches are
evolving and the impact that they can have."
Breaches in the age of global hacks
The 2011 study reveals some positive results, with overall threats down
nearly 50 per cent from last year, to an average of 7.6 breaches per
year compared to 14.6 in 2010. This is the first year the study has
seen the trend toward rising breach numbers reverse since the aftermath
of the 2008 financial crisis.
The top three breaches reported in 2011 include:
Viruses and malware (46 per cent)
Laptop or mobile hardware device theft (22 per cent)
Phishing/Pharming (20 per cent)
While overall threats are trending downward, publicly traded
organizations continue to report increasing numbers. Public
organizations have surpassed government agencies in the annual number
of breaches for the first time since the beginning of the study (18
breaches for public companies against 17.3 for government
organizations). This may be attributed to improvements in detection
capabilities and monitoring enabling increased visibility into emerging
platforms such as mobile devices.
In addition, the 2011 study reveals that insider breaches are on the
decline with 22 per cent of breaches caused by insiders compared to 25
per cent in 2010. However, government is alarmingly trending in the
opposite direction. Insider breaches in the government sector grew by
28 per cent since 2010 and 68 per cent since 2008.
IT complexity - Top concern for senior executives
This year's report also indicates that increased complexity of IT
environments is a top concern of senior management because complexity
hinders a security team's ability to manage risk effectively. The
increased complexity stems in part from the emergence of new
technologies including mobile computing in the workplace. The study
IT environments with a high degree of complexity reported 26 breaches
last year, versus only three for simpler environments.
100 per cent of reported losses above one million dollars happened in
medium (40 per cent) or high-complexity environments (60 per cent).
Insights into mobile devices in the workplace
40 per cent of respondents highlighted the loss of a mobile device with
corporate data as their biggest concern.
Laptop or mobile device losses and unauthorized access by employees are
reported almost twice as frequently in government as in private
Mobile technology and "bring your own device" options are seen as both
an opportunity and a threat by 80 per cent of government organizations,
compared to 56 per cent (private) and 64 per cent (public).
"With the increased adoption of WIFI-enabled devices such as smartphones
and tablets, we find ourselves constantly trying to maintain control
and implement new technologies designed to mitigate breaches," said Dr.
Walid Hejazi, Professor of Business Economics, Rotman School of
Management. "It has become absolutely critical to monitor and enforce
stronger controls and provide better education to employees at all
levels to prevent attacks."
For more information on the study, visit telus.com/securitystudy.
About Rotman School of Management
The Rotman School of Management at the University of Toronto is
redesigning business education for the 21st century with a curriculum
based on Integrative Thinking. Located in the world's most diverse
city, the Rotman School fosters a new way to think that enables the
design of creative business solutions. The School is currently raising
$200 million to ensure Canada has the world-class business school it
deserves. For more information, visit www.rotman.utoronto.ca.
TELUS (TSX: T, T.A; NYSE: TU) is a leading national telecommunications
company in Canada, with $10.3 billion of annual revenue and 12.6
million customer connections including 7.2 million wireless
subscribers, 3.6 million wireline network access lines, 1.3 million
Internet subscribers and more than 450,000 TELUS TV customers. Led
since 2000 by President and CEO, Darren Entwistle, TELUS provides a
wide range of communications products and services including data,
Internet protocol (IP), voice, entertainment and video.
In support of our philosophy to give where we live, TELUS, our team
members and retirees will, by year-end 2011, have contributed $245
million to charitable and not-for-profit organizations and volunteered
4.1 million hours of service to local communities since 2000. Eleven
TELUS Community Boards across Canada lead TELUS' local philanthropic
initiatives. TELUS was honoured to be named the most outstanding
philanthropic corporation globally for 2010 by the Association of
Fundraising Professionals, becoming the first Canadian company to
receive this prestigious international recognition.
For more information about TELUS, please visit telus.com.
SOURCE TELUS Corporation
For further information:
or to arrange an interview, please contact:
TELUS Media Relations