TITUS, a provider of data security and governance software, has been selected by a number of federal government departments to identify and protect sensitive information.

Information security people sometimes think that simply making users aware of security issues will make them want to change their behaviour. But security pros are learning the hard way that awareness rarely equals change. A fundamental problem is that most awareness programs are created and run by security professionals — people who were not hired or trained to be educators.

PwC recently released its 2012 Global State of Information Security Survey. Canadian highlights include:

• When approaching information security in Canada, 47 per cent of organizations are more driven by regulatory and legal requirements.
• Only 21 per cent of all Canadian organizations surveyed consider investing in security-related technology as very important or a top priority.
• Fifty-six per cent of Canadian companies assessed conduct one or more risk assessments a year — lower than the 72 per cent global average.
• Approximately 43 per cent conduct less than annual or no risk assessments.

The PwC report summarizes the challenges ahead for Canadian companies thusly:
"Canadian companies cannot be lulled into a false sense of security by perceiving that simply complying with federal or provincial regulations or industry requirements, such as the Payment Card Industry (PCI) data security standard, means they’re secure.  'Tone at the top' will be one of the most critical factors in a company protecting its digital assets."

The Information and Privacy Commissioner of Ontario, Ann Cavoukian, has launched a website, www.realprivacy.ca, to raise awareness of the implications of the federal "lawful access" bill.

According to a press release from the Commissioner's office: "The expected re-introduction of federal 'lawful access' bills in Parliament, if passed in their original form, would provide police with much greater ability to access and track information about identifiable individuals via the communications technologies that we use every day, such as the Internet, smart phones, and other mobile devices, at times, without a warrant or any judicial authorization."

"I consider this to be such a serious issue that I have organized a public symposium and launched a new website, www.realprivacy.ca, to broaden awareness and educate Canadians, in an effort to improve the legislation before it is re-introduced," said Cavoukian.

The website includes:

• Background information on proposed lawful access legislation such as relevant media articles, key letters, and editorials;
• Proposed solutions on how the federal government can improve the legislation to respect privacy while also enhancing security; and
• A new Write My MP tool by which individuals can share their concerns with their Member of Parliament.

To discuss the implications of the proposed bills, the Commissioner's office will hold a symposium on Friday, Jan. 27, from 9:00am to 11:00am ET at the MaRS Discovery Centre in downtown Toronto.

Cloud technology is still shrouded in myths and misunderstandings, a recent panel discussion concluded, and business leaders need to learn more about it.

The confidential tax files of almost 2,700 Canadians are missing after a Canada Revenue Agency worker took them home and let a friend download them onto a laptop.

Waterloo, Ont.-based Research In Motion has set up a facility in Mumbai to help the Indian government carry out lawful surveillance of its BlackBerry services, the Wall Street Journal reported Friday.

Kevin Johnson has hacked into thousands of computers and never spent a day in jail. And he wants to teach you how to do it, too.

The corporate world has entered an age when corporate social responsibility is more than just an altruistic pursuit. Companies of all sizes, in all industries, are feeling pressure to save money and simultaneously meet the growing demand for environmental responsibility and accountability.