Welcome!

Blog Feed Post

The Key to Canadian Cybersecurity and Culture

The key to Canadian Cybersecurity CultureToday, I wanted to discuss key trends in Canada’s cybersecurity efforts. As a neighbor to the U.S., Canadian enterprises have observed the exponential growth of data threats occurring within U.S. borders. This begs the question: are Canadian organizations keeping pace?

According to our recent Insider Threat Report, 54 percent of global organizations host sensitive data in the cloud. The need and importance to protect data is echoed globally, however the manner in which data is protected differs from country to country. When examining the cybersecurity initiatives in Canada, it’s clear that Canadian enterprises are lagging behind the U.S. significantly.

ClickToTweet: The Key to Canadian Cybersecurity Culture http://bit.ly/1JmJhLA

Here are some of my key findings and observations:

  • Differing Tech Investments: Currently, the biggest demand is for Data Loss Preventions (DLP) solutions. Although the recent data breaches including Anthem and Ashley Madison seem to be pointing to a lack of data-at-rest security, many companies are investing in Data Loss Prevention, really a data-in-transit security control, the focus still being perimeter security. Given the cost and time of investment, the mindset of most Canadian companies is that DLP keeps your database safe.

Canadian enterprises tend to protect data from a siloed approach, rather than a layered one. However data-at-rest is so deep within the organization, a siloed approach isn’t always the most effective. Think about layers of an onion. Data-at-rest is at the center of the onion, so imagine if companies are only protecting the perimeter. Once a hacker infiltrates through the first layer of the onion, this leaves your data completely vulnerable. While it makes sense to protect the perimeter, organizations need to secure all of the layers of the onion, including the center (your data).

  • Data Access Varies: When it comes to examining industry verticals, many customers in Canada have been focused on intrusion detection systems and intrusion prevention systems (IDS and IPS). These are the biggest technologies being used in financial services, for example.

Financial services and retail companies place heavy focus on IDS and IPS technologies, and have less of a need to protect payment card information as fewer of them actually store payment card information at all. As a result, organizations are ignoring the need to protect data-at-rest.

In the future however, we’ll see more companies with online services as a priority target in Canada. Since Anthem’s data breach in 2014, more insurance companies will leverage data protection services and the adoption of technologies like encryption and tokenization is increasing.

  • Legislation is Catching Up: In looking at cybersecurity legislation, the Canadian government has placed a lighter emphasis on breach notification laws and standards. Breach notification laws were implemented only recently, and enforcement policies are just starting to take effect. Presently, class action lawsuits – rather than corporate penalties – are a common reaction to data breaches.While there are several notable distinctions between cybersecurity in the U.S and Canada, in the future we should expect to find more similarities, rather than differences.

Have other thoughts or questions to share? Visit Vormetric.com or email me at [email protected].

The post The Key to Canadian Cybersecurity and Culture appeared first on Data Security Blog | Vormetric.

Read the original blog entry...

More Stories By Vormetric Blog

Vormetric (@Vormetric) is the industry leader in data security solutions that span physical, big data and cloud environments. Data is the new currency and Vormetric helps over 1400 customers, including 17 of the Fortune 30 and many of the world’s most security conscious government organizations, to meet compliance requirements and protect what matters — their sensitive data — from both internal and external threats. The company’s scalable Vormetric Data Security Platform protects any file, any database and any application’s data —anywhere it resides — with a high performance, market-leading data security platform that incorporates application transparent encryption, privileged user access controls, automation and security intelligence.

Latest Stories
Your job is mostly boring. Many of the IT operations tasks you perform on a day-to-day basis are repetitive and dull. Utilizing automation can improve your work life, automating away the drudgery and embracing the passion for technology that got you started in the first place. In this presentation, I'll talk about what automation is, and how to approach implementing it in the context of IT Operations. Ned will discuss keys to success in the long term and include practical real-world examples. Ge...
The challenges of aggregating data from consumer-oriented devices, such as wearable technologies and smart thermostats, are fairly well-understood. However, there are a new set of challenges for IoT devices that generate megabytes or gigabytes of data per second. Certainly, the infrastructure will have to change, as those volumes of data will likely overwhelm the available bandwidth for aggregating the data into a central repository. Ochandarena discusses a whole new way to think about your next...
So the dumpster is on fire. Again. The site's down. Your boss's face is an ever-deepening purple. And you begin debating whether you should join the #incident channel or call an ambulance to deal with his impending stroke. Yes, we know this is a developer's fault. There's plenty of time for blame later. Postmortems have a macabre name because they were once intended to be Viking-like funerals for someone's job. But we're civilized now. Sort of. So we call them post-incident reviews. Fires are ne...
Whenever a new technology hits the high points of hype, everyone starts talking about it like it will solve all their business problems. Blockchain is one of those technologies. According to Gartner's latest report on the hype cycle of emerging technologies, blockchain has just passed the peak of their hype cycle curve. If you read the news articles about it, one would think it has taken over the technology world. No disruptive technology is without its challenges and potential impediments t...
Hackers took three days to identify and exploit a known vulnerability in Equifax’s web applications. I will share new data that reveals why three days (at most) is the new normal for DevSecOps teams to move new business /security requirements from design into production. This session aims to enlighten DevOps teams, security and development professionals by sharing results from the 4th annual State of the Software Supply Chain Report -- a blend of public and proprietary data with expert researc...
CloudEXPO New York 2018, colocated with DevOpsSUMMIT and DXWorldEXPO New York 2018 will be held November 12-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI and Machine Learning to one location.
DXWorldEXPO LLC announced today that Nutanix has been named "Platinum Sponsor" of CloudEXPO | DevOpsSUMMIT | DXWorldEXPO New York, which will take place November 12-13, 2018 in New York City. Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix Enterprise Cloud Platform blends web-scale engineering and consumer-grade design to natively converge server, storage, virtualization and networking into a resilient, softwar...
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
The digital transformation is real! To adapt, IT professionals need to transform their own skillset to become more multi-dimensional by gaining both depth and breadth of a wide variety of knowledge and competencies. Historically, while IT has been built on a foundation of specialty (or "I" shaped) silos, the DevOps principle of "shifting left" is opening up opportunities for developers, operational staff, security and others to grow their skills portfolio, advance their careers and become "T"-sh...
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine where she evaluated and tested application-focused technologies including app secu...
DXWorldEXPO LLC announced today that Big Data Federation to Exhibit at the 22nd International CloudEXPO, colocated with DevOpsSUMMIT and DXWorldEXPO, November 12-13, 2018 in New York City. Big Data Federation, Inc. develops and applies artificial intelligence to predict financial and economic events that matter. The company uncovers patterns and precise drivers of performance and outcomes with the aid of machine-learning algorithms, big data, and fundamental analysis. Their products are deployed...
ICC is a computer systems integrator and server manufacturing company focused on developing products and product appliances to meet a wide range of computational needs for many industries. Their solutions provide benefits across many environments, such as datacenter deployment, HPC, workstations, storage networks and standalone server installations. ICC has been in business for over 23 years and their phenomenal range of clients include multinational corporations, universities, and small busines...
This sixteen (16) hour course provides an introduction to DevOps, the cultural and professional movement that stresses communication, collaboration, integration and automation in order to improve the flow of work between software developers and IT operations professionals. Improved workflows will result in an improved ability to design, develop, deploy and operate software and services faster.
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or per...
All in Mobile is a place where we continually maximize their impact by fostering understanding, empathy, insights, creativity and joy. They believe that a truly useful and desirable mobile app doesn't need the brightest idea or the most advanced technology. A great product begins with understanding people. It's easy to think that customers will love your app, but can you justify it? They make sure your final app is something that users truly want and need. The only way to do this is by ...