A joint study conducted by TELUS and the Rotman School of Management at the University of Toronto surveyed more than 600 Canadian IT security professionals on Canadian IT security practices this year.

The economic downturn has increased the risk organizations:

“The threat environment worsens because when the economy goes into a downturn, job losses mount, and as people leave the organization many often take data with them,” Mr. Hejazi said.

About 33 per cent of reported security breaches this year came from within companies, and unauthorized access by employees represented the fastest-growing threat area, according to TELUS Security Labs managing director and study co-author Alan LeFort.

Last year, about 17 per cent of Canadian organizations reported so-called “insider breaches.” This year, that number has more than doubled to 36 per cent.

The complete article can be read at The Globe and Mail

Most organizations are focusing their patching efforts and vulnerability scanning on the operating system — but 60 percent of the total number of attacks occur on Web applications, and many attacks are aimed at third-party applications such as Microsoft Office, and Adobe Flash and other tools, according to actual attack data gathered for the report. Meanwhile, enterprises are taking twice as long to patch their applications than to patch their operating systems, the report says.

More at darkREADING