Half Of All Canadian Businesses Hacked

A new survey has terrifying implications for Canadian businesses across the country.

Conducted by marketing research firm Ipsos Canada on behalf of Calgary-based accounting, tax and business consulting firm MNP LLP, the survey found that nearly 60 per cent of Canadian small business owners and C-suite executives either suspect or know for certain they were the victims of an external cyber-attack during the last year, with 50 per cent of C-suite executives indicating that they know for certain that their company experienced a breach.

An additional three in 10 suspected their company was the victim of a breach in the past year, but didn’t know for certain.

And despite the overwhelming evidence indicating otherwise, eight executives in 10 reported being confident in their business’s ability to prevent an external hacking attempt, while 93 per cent of survey respondents indicated confidence in their ability to protect customer data.

In a 7 statement, former Canadion National Police  investigator and current MNP vice president of valuations, forensics, and litigation support Greg Draper called cyberattacks “a reality of doing business,” but added that the survey underlined just how poorly Canadian businesses are equipped to address them.

“There is a significant gap between the perceived preparedness of businesses and the number of data breaches occurring,” Draper said. 

“The number and sophistication of hackers is growing at light speed, but businesses are not evolving their prevention and detection strategies at the same rate. Developing an effective defense against external fraud is an exercise in continuous improvement, not just set-it-and-forget-it. That’s the part that businesses are missing here.”

For example, Draper called it “startling” that only 54 per cent of C-suite executives and small business owners reported using cybersecurity measures such as firewalls.

The findings were especially surprising given that upcoming changes to Canadian privacy laws will require Canadian companies to log and disclose all breaches, Draper noted.

“Along with the costs of a potential business disruption or loss of confidential information, businesses will start to see the breach-related expenses climb sharply when they are forced to publically disclose them,” he said. 

“Loss of customer confidence and potential legal action, fines for non-compliance and the resources to ascertain exactly how hackers got in and then implementing new security measures – the proactive approach to mitigating external fraud risk is far more cost-effective.”

In conducting the online survey, Ipsos polled 1000 owners of small businesses with between five and 99 employees, and 100 C-suite executives at businesses with more than 100 employees, between Jan. 17 and Jan. 26, 2017.

IT World Canada

You Mighy Also Read

Four Steps To Managing Cyber Security Better:

Strategies To Prevent 85% Of Cyber Attacks:

Directors Report January 2017. Cyber Security Checklist For Management (£):

 

 

« Strategies To Prevent 85% Of Cyber Attacks
Insurers Get Much More Cautious About Cyber Risk »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Xcitium

Xcitium

Xcitium (formerly Comodo) is and industry leading provider of state-of-the-art endpoint protection solutions. Our Zero threat platform isolates and removes all ransomware & malware infectictions.

Aptive Consulting

Aptive Consulting

Aptive is a cyber security consultancy providing Penetration Testing and Vulnerability Assessment services.

Direct Recruiters Inc

Direct Recruiters Inc

Direct Recruiters is a relationship-focused search firm that assists IT Security and Cybersecurity companies with recruiting high-impact talent.

Nuvias Group

Nuvias Group

Nuvias Group is a specialist value-addedd IT distribution company offering a service-led and solution-rich proposition ready for the new world of technology supply.

Independent Security Evaluators (ISE)

Independent Security Evaluators (ISE)

ISE is an independent security consulting firm headquartered in Baltimore, Maryland dedicated to securing high value assets for global enterprises and performing groundbreaking security research.

Cyber Security Education

Cyber Security Education

CybersecurityEducation.org is an online directory of cyber security education and careers.

Octo

Octo

Octo, an IBM company, is a technology firm dedicated to solving the Federal Government’s most complex challenges, enabling agencies to jump the technology curve.

Data Privacy Office (DPO)

Data Privacy Office (DPO)

Data Privacy Office is a company that specializes in privacy and personal data protection, following the highest standards in its sector.

Internet Crime Complaint Center (IC3)

Internet Crime Complaint Center (IC3)

The Internet Crime Complaint Center provide the public with a reporting mechanism to submit information to the FBI concerning suspected Internet-facilitated criminal activity.

Tabidus Technology

Tabidus Technology

Tabidus Technology is a cybersecurity association that unites and provides the global protection options against cyber threats.

ISECURION Technology & Consulting

ISECURION Technology & Consulting

ISECURION is an information security consulting company. We provide a unique blend of services to our customers catering to the current information security landscape.

Wazuh

Wazuh

Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Nagios

Nagios

Nagios is a powerful tool that provides you with instant awareness of your organization’s mission-critical IT infrastructure.

Dutch Research Council (NWO)

Dutch Research Council (NWO)

The Dutch Research Council (NWO) is one of the most important science-funding bodies in the Netherlands and ensures quality and innovation in science.

Phriendly Phishing

Phriendly Phishing

Phriendly Phishing offers phishing awareness training programs designed to ward off potential security threats and minimise the impact of cyber attacks.

ConvergePoint

ConvergePoint

ConvergePoint is the leading compliance software provider on the Microsoft Office 365 SharePoint platform.