Canadian cyber security legislation lacking, survey finds
- Published: Tuesday, 22 October 2019 08:31
In a survey released recently, Keyfactor, revealed that 87 percent of surveyed cyber security professionals think more privacy and security legislation is required to better protect Canada’s businesses and consumers.
“While the federal government continues to introduce cyber security consortiums and guidance, professionals on the front lines know that consortiums do little to protect their business and consumers from attacks and data loss,” said Chris Hickman, chief security officer at Keyfactor. “The resource divide that exists across small and large enterprise, combined with standards inconsistencies, make us vulnerable to attacks.”
According to the survey, 58 percent of respondents think regulators and elected Canadian officials are not doing enough to standardize security guidance on measures like data encryption.
“Many of today’s large-scale breach events are the result of basic security measures that are overlooked or neglected,” said Hickman. “Attackers looking for low-hanging fruit are commonly able to infiltrate a business’s network – and its customers – by compromising vulnerable IoT (Internet of Things) devices or stealing highly sensitive keys and digital certificates.”
Public Key Infrastructure (PKI) is a tried and tested security tool that protects digital identities across people, software and technology. However, PKI management remains a manual process for many organizations.
The survey also found that:
- 50 percent of respondents cite manual and complex processes as their greatest challenge in managing PKI;
- 43 percent of respondents were most concerned about their ability to securely adopt DevOps, cloud and IoT.