Canadian companies far from cyber-security ready

Survey finds Canada lagging behind other countries in being prepared to deal with online security breaches

A recent survey of 2,200 companies across 18 countries found that Canadian companies are some of the world’s least equipped to deal with cyber threats.

The study ranks 18 countries based on the percent of business that are adopters of effective modern cyber security procedures and technology. On a list of 18 Canada was No. 15, beating only the Netherlands, Japan and the United Arab Emirates.

“We’re moving from theft, which is costly, to potential catastrophe,” Steve Duplessie, founder and senior analyst at computer consulting firm Enterprise Strategy Group, said in a press release. “There are forces at play now that aren’t satisfied with just stealing your money, they want to destroy your entity. You can either start taking these threats seriously, or start looking for a hole to crawl into. Ignorance is no longer bliss.”

The technology market research firm Vanson Bourne was contracted by the data storage company EMC (NYSE:EMC) to perform the study. Vanson Bourne surveyed 100 Canadian companies and found that the majority were “laggards” when it comes to adopting cyber security technologies. 

Vanson Bourne found that 52% of Canadian companies surveyed had suffered unplanned system downtime some time over the last 12 months. On average, the unplanned downtime cost Canadian companies $414,000 per incident.

The survey also found that 34% of respondents suffered data loss in the last 12 months, which cost companies an average of $799,000.

According to the survey, 29% of the data loss or system downtime episodes resulted from of a security breach.

“I think CEOs themselves don’t understand the ramifications of having little or no security on the cyber side,” said Dale Jackaman president of Amuleta Computer Security. “There was a recent study in the states that said 90% of CEOs don’t seem to feel cyber security is their responsibility, and, of course, they’re dead wrong.”

According to Jackaman, Canada is “dead last” when it comes to cyber security in the Western World. Jackaman, who started Amuleta as a cyber security firm to help business, had to change his entire business model because of a lack of demand.

“It’s a hidden problem,” said Jackaman. “It doesn’t stare at them in their faces every day so they don’t see it.”

It also comes from a fundamental misunderstanding of the technology and how security applies.

Jackaman said most of the jobs he and other cyber security companies do are cleaning up messes as opposed to setting up prevention methods.

He added that accountants and CFOs in Canada are often responsible for a company’s cyber security but are not trained or equipped to do so. Canadian companies, he said, need to hire people with the expertise and the authority to identify and eliminate cyber threats

“We call them ‘generation never there’ because they just don’t have a clue. They’re from that generation that was just not raised with IT.”

Jackaman added that Canadian business leaders don’t understand the importance of cyber security. In the majority of cases, he said, companies don’t discover that their security has been breached until years later when they find out a foreign company is using their technology or intellectual capital to sell products at a lower price.