By: Luke Jones, Published on February 15, 2017 03:38 PM, Last Update on March 1, 2017 09:32 AM
The preparedness of Canadian companies to deal with cyberattacks continues to be a problem, according to a new study. EY’s Global Information Security Survey finds that only 43% of Canadian companies would be able to spot a “significant cybersecurity incident”.
This figure means Canadian organizations are behind global companies, with the survey showing 50% of worldwide businesses could spot such an event. EY’s major study included 1,735 participants from global companies from over 20 industries, such as insurance (7%) and banking (20%). Included in the study were respondents from the Americas (38 percent).
EY is a global assurance, tax, transaction and advisory services company that considers key market trends. Cybersecurity has become a major problem for organizations big and small. Attacks are frequent and can be hugely costly for companies to deal with.
Focusing on Canada, the survey finds that most (98%) organizations feel that their cybersecurity measures are not up to the necessary levels the company needs for protection. Also, 94% admit to not evaluating the financial cost major cybersecurity breaches would cost.
Other Canadian findings included:
“Organizations have stepped up their cyber efforts in the last few years, but these results still point to a gap,” said Abhay Raman, EY’s Canadian cybersecurity leader, in the release. “Creating a robust cybersecurity program is a long, focused process, and many companies haven’t taken that step. That’s why 72% of our survey’s respondents said they need up to 50% more budget for their cyber needs.”
A lack of awareness by companies and employees was the primary reason for major breaches, according to EY:
“This weakness is primarily exploited through phishing, where company employees engage with malicious emails disguised as authentic,” EY explained. “In the process, they unknowingly let the attackers access internal systems.”
Insurance companies are included in the study and are as at risk and unaware of the consequences as any other industry. However, cybersecurity is also a growth area for insurance companies. Increasingly, companies are seeking coverage to protect them from attacks. Insurers are creating insurance solutions to provide policies in the cyber market.