May 23, 2017
Canadian companies lag in cybersecurity investments
Survey by FICO and Ovum reveals lack of planning and investments
TORONTO -- Although recognizing an expected increase in the number of attempted data breaches in the next year, just over a third of Canadian executives believe their organizations' cybersecurity will improve over the next 12 months, according to a new survey conducted by research and consultancy firm Ovum for Silicon Valley analytics firm FICO.
FICO will host a Tweet Chat on the cybersecurity survey with Ovum on 1st June at 11:00 am EDT. Individuals are encouraged to participate using #cybertrends.
In a telephone survey, 68 per cent of Canadian firms reported that their volume of attempted data breaches has increased over the past year. Despite all Canadian respondents predicting that the number will continue to rise over the next year, less than half (46 per cent) believe their organization's level of investment in cybersecurity will increase to keep up.
Further, only 36 per cent believe that an assessment of their organization's cyber security in a year's time will show an improvement — compared to 53 per cent in the U.S.
"It is surprising to hear that few firms plan to make additional investments in cybersecurity when there seems to be a clear understanding that the risks are continuously rising," said Kevin Deveau, vice-president and managing director of FICO Canada. "The stakes are higher now—with Canada's Digital Privacy Act requiring companies to soon start reporting their breaches to regulators and customers, by not taking steps to ensure they are protected, organizations risking not only their data, but their reputations as well."
Although most Canadian companies (76 per cent) report having ongoing monitoring, scoring and reporting services to monitor cybersecurity risks, in the event of a breach they are less prepared than their global peers. Only 44 per cent of Canadian executives reported that their organization have a tested data breach response plan, significantly lower than the 52 per cent of respondents from the U.S.
"How a company responds to a data breach is critical," said Andrew Kellett, principal analyst for IT security, who conducted the research for Ovum. "Customers trust businesses with a great deal of personal information, and it's not just the large organizations which are being targeted by hackers. We're seeing smaller companies who never thought they would be at risk being compromised, and they don't know where to start. Some simply can't recover from a cyberattack."
Ovum conducted the survey for FICO through telephone interviews with CXOs and senior security officers in 350 companies based in Canada, the US, the UK, and the Nordics in March and April 2017. The respondents represented firms in financial services, telecommunications, retail, ecommerce and media service providers.