"It is critical that organizations remain open to new technologies so employees are empowered with the tools to increase productivity," said Hernan Barros, director, TELUS Security Solutions. "Equally important however, is that organizations ensure employees understand how to use new tools responsibly, and that adherence to security policy is made convenient and simple. Ongoing security awareness training can help ensure compliance."
In response to the qualitative findings, and in an effort to help Canadian organizations achieve a balanced level of security, Rotman and TELUS' team of security experts offer five recommendations:
- Don't assume you haven't been breached. Simply because your organization has not detected a security breach, does not mean you have not been breached at any point in time or that the breach is no longer being perpetrated.
- Security diligence must be ongoing . Security is not a onetime effort. Given the significant pace of technological innovation that affects the security of information systems, IT security managers have to keep up with how these innovations impact the risk profile of the organization and respond appropriately. In essence, security must be built in to every aspect of IT, business practices/processes and employee awareness.
- Compliance is not the same as security. Meeting minimum required standards should be viewed as exactly that, the minimum required. Security should be a consideration throughout the lifecycle of every project from business drivers to the technology implementation and management.
- Organizations should work to be "yes" organizations. "Yes" organizations are open to new technologies and are constantly creating discourse with employees about balancing security responsibly with the business value innovation can bring. These organizations recognize the criticality of security when embracing any new technology and are integrating strategy, policy, awareness, education and buy-in into their processes.
- Awareness training is key. Security is only as good as its weakest link, which often comes down to people. As a result, awareness training must be consistent and relevant to new innovations and threats, and IT security managers need to figure out how to reach employees most effectively.
Security leaders can find the detailed breakdown and analysis of the key insights and recommendations at: telus.com/securitystudy.
About The Rotman School of Management The Rotman School of Management at the University of Toronto is redesigning business education for the 21st century with a curriculum based on Integrative Thinking. Located in the world's most diverse city, the Rotman School fosters a new way to think that enables the design of creative business solutions. The School is currently raising $200 million to ensure Canada has the world-class business school it deserves. For more information, visit www.rotman.utoronto.ca.About TELUS Security Solutions TELUS Security Solutions offers customers the most comprehensive security portfolio including consulting and managed services, technology solutions, plus partnerships with 16 of the top 20 global security vendors. In addition, TELUS Security Labs is a leading provider of security research to more than 50 of the world's top security product vendors. Whether your priority is handling targeted threats with real-time context, securing your mobile enterprise or removing your security management challenge, TELUS Security Solutions can help you gain visibility, understanding and control. About TELUS TELUS (TSX: T, NYSE: TU) is a leading national telecommunications company in Canada, with $10.9 billion of annual revenue and more than 13.1 million customer connections, including 7.7 million wireless subscribers, 3.4 million wireline network access lines, 1.4 million Internet subscribers and 678,000 TELUS TV customers. Led since 2000 by President and CEO, Darren Entwistle, TELUS provides a wide range of communications products and services, including wireless, data, Internet protocol (IP), voice, television, entertainment and video. In support of our philosophy to give where we live, TELUS, our team members and retirees have contributed more than $300 million to charitable and not-for-profit organizations and volunteered 4.8 million hours of service to local communities since 2000. Fourteen TELUS Community Boards lead TELUS' local philanthropic initiatives. TELUS was honoured to be named the most outstanding philanthropic corporation globally for 2010 by the Association of Fundraising Professionals, becoming the first Canadian company to receive this prestigious international recognition. For more information about TELUS, please visit telus.com. SOURCE TELUS Corporation