I attended the SC Congress last week at the Metro Toronto Convention Centre. The halls were packed with IT professionals from near and far with one topic on their minds: security. In an age where data breach has now become the expectation, it’s incredibly important for those in IT to constantly update, upgrade, and keep abreast of the latest data, trends and solutions for data protection. The SC Congress was just the hub to gather that kind of knowledge.
So what did you miss at the conference? Data presented showed that Canadian organizations at large remain slow to innovate and must do more to rise to the occasion in the presence of widespread disruptive technology. IT leaders must realize the business implications of being conservative. The average US employee produces a GDP of $57/hour, versus $44/hour for Canadian employees. R&D expenditure is downward trending for Canadian companies as well, contrasted by US companies, which showed positive trends in spending. Canadian companies are overall more risk averse, and the numbers demonstrate that this is having a direct impact on both productivity and innovation.
Shadow IT also remains ever present and a threat to security within companies. Unsanctioned applications that handle company data are increasing as lines of business employees find new ways to help them with their jobs. However, eliminating unsanctioned applications shouldn’t be handled with sledgehammer. Rather, IT should deal with the issue surgically by initiating dialogue with lines of business on the applications they use, and finding out ways to make them safe instead of outright obliterating them from further use. Doing this should also become a high priority for IT as 95% of data loss occurs through unsanctioned applications.
The event was attended by prominent security leaders with sage advice. I caught up with some of them and asked them to share their thoughts on corporate data security. Check out who I met with below:
|Mark Zimmerman is the Senior Advisor and CIO at MaRS Discovery District. He has been working in the information and communications technology industry for 15+ years and also has experience in the startup scene. What are Mark’s thoughts on IT and business alignment? “Businesses are increasingly becoming empowered to find and buy apps for themselves, in response, security needs to go from prevention to enablement”.|
|Greg Thompson is the VP of Operational Governance and IT Risk at Scotiabank. He has extensive experience in diverse industries ranging from telecommunications to financial services, and is a proven leader in security, holding positions as Head of Global IS Security and CISO. Greg’s advice to IT leaders: “We’re at the point now in cybersecurity where we should not be dumbing down our message. We should not be talking in a language the business understands. The business needs to understand our language. Boards of directors need to understand our language.”|
|Dr. Mansur Hasib is an author, public speaker, and executive coach on technology, cybersecurity and healthcare leadership and policy. He is the author of innovative holistic Master and Doctor of Science in Business Information Technology and Cybersecurity program. Dr. Hasib’s thoughts on security: “Cybersecurity is not a one brain sport. It is important to engage all the brains in your organization in order to achieve cybersecurity. This is what leadership does. Leaders inspire everyone in their organization to innovate and think of better ways to use technology and data.”|
|Jovan Miladinovic is the acting CISO in application deployment, operations, information security and architecture at Toronto Public Health. He has more than 25 years experience in information technology, as a technology leader, consultant and executive. What does Jovan have to say about security? “Eliminating the opportunities is the best defence against insider threats. IT can and is willing to assist, but this can be accomplished only through critical analysis and re-engineering of the business process.”|