Protecting their corporate data and computer networks from an external or internal attack is a secondary considerat...
September 24, 2002
Protecting their corporate data and computer networks from an external or internal attack is a secondary consideration for the CEOs of most mid-sized Canadian companies, even though fewer than one in three feel their security measures are “very effective,” according to a new Ipsos-Reid survey sponsored by IBM Canada.
More than 40 per cent of the surveyed CEOs said protecting their companies from attacks was only a moderate priority, and another 19 per cent said it was not a priority at all, despite the fact that almost half the companies surveyed had been hit by a computer virus within the last year.
“Given the importance of mid-sized companies to the Canadian economy, the results of this survey are a bit startling,” said David Saffran, Vice President and Managing Director, Ipsos-Reid. “The survey indicates that CEOs of many mid-sized companies aren’t fully aware of their companies’ security, and many aren’t investing in the necessary infrastructure that will protect their critical corporate assets.”
Eighty per cent of the executives said their networks have not been hit by an outside hacker in the past year, but 40 per cent said their organizations do not possess the intrusion detection systems necessary to determine if their networks have been attacked.
“IT security is absolutely critical to the overall health of Canadian business. The survey findings underscore what we recommend to our customers – that they ensure they have a comprehensive and effective security model with the proper controls in place,” said Rick Horton, general manager, IBM Global Services, IBM Canada Ltd. “By not properly securing their entire organization’s processes, a security breach can result in irreparable damage to their business.”
During the interview process, the CEOs seemed to become more aware of potential security threats. Initially, 48 per cent said their systems were “extremely secure” or “very secure,” but after answering questions about viruses, hackers and internal threats, only 30 per cent said their company’s security measures were very effective.
While most CEOs didn’t think it was a top business priority, three quarters agreed that protecting the company’s IT systems and the information they contain was a top IT priority, but 42 per cent said spending on IT was either frozen or lower than last year.
“This survey raises concerns that Canadian companies may not be doing enough to prevent and guard against IT security intrusions,” said Mr. Horton. “When a company jeopardizes the security of its IT systems it can have a direct impact on its bottom line.”
Ipsos-Reid interviewed 250 CEOs of companies in Canada with 100-500 employees, from July through September.