Survey indicates Canadian businesses looking for more security education 29 May, 2007 By Vanessa Ho

"If you are an IT manager, you are responsible for the network and for keeping it up. That's very important to organizations and they definitely need more training as [security] is such a moving target," said Brian Bourne, president of CMS Consulting Inc., a company that focuses on designing, deploying, and securing Microsoft Windows-based networks.

The Ipsos survey interviewed over 1000 Canadian IT managers and was done to get an understanding of the Canadian security market.

About 47 per cent, of the Canadian business managers and executives surveyed reported that their companies have experienced at least one IT security breach or virus attack in the past five years. Additionally, three quarters maintained that securing their IT network is one of their businesss most important priorities.

The survey asked participants how they felt about their security. As well, the survey asked how strong they think their security is and do they think they will benefit from additional training.

Wireless topped the list that participants thought was the most important security topic they wanted to learn more about. Next on the list was application security. But overall, people were most interested in learning about compliance, incident response and IT infrastructure.

To gain the security education that IT staff need, Bourne suggested they join such IT security users groups as the Toronto Area Security Klatch (TASK), North America's largest IT security user group, which CMS Consulting is a founding member.

"Organizations such as TASK are a good resource because it is entirely free and community oriented. Communication with peers is a very valuable way for people stay on top of what's going on simply because you are not the only person struggling with that situation," he added.

As well, attending security events like the first annual Security Education Conference Toronto (SecTor) taking place November 20 and 21, 2007 at the Metro Toronto Convention Centre is another method for IT staff to gain security knowledge with highly dense training sessions.

Bourne said that learning about security will always be an on-going education process.

"It's not a one-time thing. On-going security education is absolutely required to stay on top of what is a constantly a changing threat," he added. "The reality is even if you are secure today, the attacks and the types of threats are changing so rapidly that you really need to stay on top of the training and keep up because the bad guys are keeping up [too]."