Most Canadian organizations hit by cyber-attacks in past year

Cybersecurity awareness training is effective but only 22% conduct training at least monthly

Mario Toneguzzi is a Troy Media reporter based in CalgaryA new survey finds that 71 per cent of Canadian organizations reported experiencing at least one cyber-attack last year that impacted them in some way, including time and resources, out-of-pocket expenses and paying ransom.

The Canadian Internet Registration Authority’s  2019 Cybersecurity Survey Report also found that 96 per cent of respondents said that cybersecurity awareness training was at least somewhat effective in reducing incidents, but only 22 per cent conducted the training monthly or better.

“Now more than ever, Canadians need trust in the Internet. We believe that security is the foundation of that trust, which is why we have leveraged our experience safeguarding the .ca domain to help Canadian organizations protect themselves and their users,” said Byron Holland, president and CEO, CIRA, in a statement.

The report also found:

  • Only 41 per cent of respondents have mandatory cybersecurity awareness training for all employees.
  • Among those businesses that were victimized by a cyber attack, 13 per cent indicated the attack damaged their reputation. This perception is a sharp contrast to the findings of CIRA’s recent report: Canadians deserve a better Internet, which indicated that only 19 per cent of Canadians would continue to do business with an organization if their personal data were exposed in a cyber-attack.
  • Of those businesses that were subject to a data breach, only 58 per cent reported it to a regulatory body; 48 per cent to their customers; 40 per cent to their management and 21 per cent to their board of directors.
  • Forty-three per cent of respondents who said they didn’t employ dedicated cybersecurity resource cited lack of resources as the reason. This is up from 11 per cent last year.

“While technical solutions are important, the best layer of security for any organization are cyber-aware employees. We are happy to see more organizations embracing cybersecurity awareness training as a critical element of their defence. However, there is more work to be done to ensure the quality and rigour of the training offered keeps pace with the ever-changing world of cybersecurity,” said Jacques Latour, chief security officer, CIRA.

Mario Toneguzzi is a Troy Media business reporter based in Calgary.

© Troy Media


The views, opinions and positions expressed by columnists and contributors are the author’s alone. They do not inherently or expressly reflect the views, opinions and/or positions of our publication.

You must be logged in to post a comment Login