Canadian CEOs Acknowledge Own Networks At Risk But Say Preventing Against Threat Not A Priority

Media & Entertainment

.

Download
 
Toronto, ONTARIO - According to a new Ipsos-Reid survey conducted on behalf of IBM Canada, protecting their corporate data and computer networks from a malicious attack is a secondary consideration for the CEOs of most mid-sized Canadian companies, even though only one in three (30%) feel their security measures are "very effective."

Four in ten (42%) of the surveyed CEOs said protecting their companies from attacks was only a moderate priority, and another 19 per cent said it was not a priority at all, despite the fact that almost half (45%) the companies surveyed had been hit by a computer virus within the last year.

These are the findings of an Ipsos-Reid poll conducted between July 29th and September 13th, 2002. The poll is based on a randomly selected sample of 250 CEOs of mid-sized Canadian companies, defined as having between 100 and 500 employees. With a sample of this size, the results are considered accurate to within 1776.2 percentage points, 19 times out of 20, of what they would have been had all CEOs of Canadian mid-sized companies been polled. The margin of error will be larger within regions and for other sub-groupings of the survey population.

Key findings from the survey indicate that...

While Protecting the Company from Malicious Attacks is a Low Business Priority, it is a High IT Priority

  • Three-in-four (75%) CEOs say that protecting the company's IT systems and the information they contain is a major IT priority.
  • Ensuring the continuity of operations in case of a security breach is deemed a major IT priority by 66% of CEOs.

Almost Half (45%) Report Being Hit By a Virus in the Past Year

  • Just under half of CEOs (45%) state that their company has been inflicted by a computer virus in the past year, making computer viruses the most prolific type of security breach.
  • Twenty-two percent report that they have had computers stolen in the past year, with 20% saying they've been hit by outside hacker attacks.
  • The incidence of security breaches is higher among larger mid-sized companies (those with more than 50 computers).

Only Half (51%) Are Using An Outside Independent Consultant for IT Security Assessments

  • Half (51%) of CEOs report that they are using outside independent consultants for IT security assessments.
  • Of those who do use outside consultants, 64% of CEOs report that they personally review the IT security assessments. This is equivalent to 27% of all respondents.

Antivirus Software (98%) and Firewalls (85%) are Popular Security Measures, While Policies on Acceptable use of Computers are Most Popular Policies (80%)

  • Almost all medium-sized companies have anti-virus software in place (98%), with the incidence of firewalls (85%) also high. More than half use centralized single sign-on and access control software (68%) and intrusion detection systems (60%).
  • Only 22% report using authentication devices.
  • Among security policies, policies on acceptable use of computers are most popular (in place in four-of-five (80%) companies), with policies on security and access to computers just behind (79%). Two-in-three (68%) report that in their company, passwords are changed regularly according to strong policy.

To view the factum and tables, please open the attached PDF files.

-30-

For more information on this news release, please contact:

Chris Ferneyhough
Vice-President
Technology Group
Ipsos-Reid
(416) 324-2900
Download

More insights about Media & Entertainment

Media & Brand communication