Cybercrime in Canada

Uploaded on 2016-11-10 in FREE TO VIEW, GOVERNMENT-National, GOVERNMENT-Law Enforcement, NEWS-Cybersecurity News

Cybercrime may not be the first thing that comes to mind when you think of Canada, but these day’s cybercrime is top of mind for many Canadian small and medium-sized businesses (SMBs).

In a recent survey of more than 1,000 people working in IT at Canadian companies with less than 500 employees, almost two-thirds (64%) said IT security and protection of business data was very important. Only two other activities were seen as more important: improving quality of products and services (68%), and growing client base and revenues (65%).

And Canadian SMBs have good reason to be concerned. The survey, conducted by Ipsos and sponsored by ESET, found that one in four Canadian SMBs with yearly revenues of $10 million or more had been hit by a cyberattack.

Relative to consumers, SMBs have more digital assets and cash that is worth targeting via criminal hacking. Relative to enterprises, SMBs have fewer cybersecurity protections in place.

This latest survey tends to validate the SMB sweet spot concept. It shows cyberattack risk spiking for Canadian SMBs once they reach $10 million in annual revenue, with one in four becoming victims, compared to only one in 10 firms with annual revenue under $10 million. Not that the latter have nothing to worrying about, far from it. For a start, many small firms are working hard to grow their revenues, but they might not be fully aware of the cybercrime risks inherent in such growth.

Making adequate financial provisions for dealing with increased cyber risks as your business grows is clearly a prudent strategy. However, it is not clear if Canadian SMBs are getting this message. For example, the survey revealed a disconnect among employees regarding, on the one hand, their company’s allocation of resources to cybersecurity, and on the other, confidence regarding their company’s level of protection from attack. While seven in 10 Canadians employed at SMBs feel their company is devoting enough resources to the issue, only one-third feel ‘very confident’ their company is safe from a cyberattack.

We sometimes see this type of disconnect when people are not fully aware of the threats that their organisations face from cybercriminals. For example, any organisation that is serious about cybersecurity will perform a risk analysis to determine what digital assets are at risk and what level that risk is at. If a firm is not aware that criminals can sell its customer data for good prices on black markets will little chance of arrest, or make money by renting out its hijacked servers for use in malicious activities, then that company is probably under-estimating its cyber risks.

Unfortunately, the survey revealed that less than one-third of Canadian SMBs are ‘very familiar’ with the concepts of ransomware, social engineering, and two-factor authentication, yet these are hot topics in cybersecurity right now. The implications are serious here because SMBs make up most of Canada’s economy, but the survey findings indicate that many of them would be unable to function for more than a few days without access to their data. Specifically, 65% of Canadian SMBs said they could only function for a few hours or days without access to their data, and a full 15% said they would have to cease functioning immediately.

The picture of Canadian SMB cybersecurity that emerges from this survey is of many good intentions and a broad awareness that cybercrime is a threat to organizations. For instance, 96% of SMB employees think backing up company files is important, and 92% think having IT security software installed on all devices is an important IT security measure. A very encouraging 88% place a strong emphasis on “training on your company’s IT security procedures”.

Yet much work remains to be done. Only 43% on SMB employees felt confident that their business and its reputation could “survive and thrive” after a cyberattack. And only 40% said they were “very satisfied” with their company’s current IT security policies, procedures, and products.

With clear evidence that the risk of cyberattack increases with revenue growth there is a definite need for Canadian SMBs to keep improving their awareness of threats and their ability to deflect them. And there is plenty of room to better align cyber policy, procedure, and product selection with the full range threats, because the threats are unlikely to diminish any time soon.

WeLiveSecurity:

 

« Bitcoin Just Isn’t Anonymous Enough
Nude Celebrity Photo Hacker Jailed »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Optiv

Optiv

Optiv is a market-leading provider of end-to-end cyber security solutions. We help clients plan, build and run successful cyber security programs that achieve business objectives.

Ritz

Ritz

Ritz is the largest holistic pure-play cyber security solutions provider in Myanmar.

Risk Ident

Risk Ident

RISK IDENT specializes in supporting enterprises in identifying and preventing criminal activity like payment fraud, account takeovers and identity theft.

HumanFirewall

HumanFirewall

HumanFirewall makes it possible for every individual to take part in securing their organisation. With HumanFirewall, achieving security has never been easier.

Infodas

Infodas

Infodas provides Cybersecurity and IT consulting / system integration services as well as a range of innovative Cybersecurity products to public sector and commercial clients.

Tego Cyber

Tego Cyber

Tego Cyber delivers a state-of-the-art threat intelligence platform that helps enterprises deploy the proper resolution to an identified threat before the enterprise is compromised.

GuardDog.ai

GuardDog.ai

guardDog.ai has developed a cloud-based software service with a companion device that work together to simplify network security.

JaCIRT

JaCIRT

JaCIRT is the national Cyber Incident Response Team for Jamaica, established to deliver on the mandate outlined in the GoJ’s National Cyber Security Strategy.

META-Cyber

META-Cyber

META-cyber was founded by engineers with experience in process and control-protection to provide cyber security for industrial infrastructure.

EdgeWatch

EdgeWatch

EdgeWatch is a platform that helps information accredited security practitioners discover, monitor, and analyze devices that are accessible from the Internet.

Accelerynt

Accelerynt

Accelerynt was founded with a singular purpose: help teams like yours build cybersecurity resilience.

SecureClaw

SecureClaw

SecureClaw offers specialized cybersecurity consultation, various products, and a range of services to meet your company's business domain needs.

Virtual IT Group (VITG)

Virtual IT Group (VITG)

VITG is a cyber security-focused Managed Service Provider (MSP).

RAH Infotech

RAH Infotech

RAH Infotech is India’s leading value added distributor and solutions provider in the Network and Security domain. We are specialists in Enterprise and App Security and Application Delivery.

Dynamic Standards International (DSI)

Dynamic Standards International (DSI)

Dynamic Standards International is a global standards development organization which develops certifiable ‘dynamic standards’ that pace with fast-evolving landscapes.

System360

System360

System360 is one of Houston's top suppliers of network administration, design, security, and support services.