Canadian companies lag in cybersecurity investments, survey finds

More than three-quarters (76%) of surveyed Canadian executives believe that the number of data breach attempts on their firms will be higher in a year, yet fewer than half said that their organization’s investments in cybersecurity will increase in that same time period, a new survey has suggested.

The results of the survey conducted by research and consultancy firm Ovum for Silicon Valley analytics firm FICO were released on Tuesday. Ovum conducted telephone surveys for FICO of security executives at 350 companies based in Canada, the United States, the United Kingdom and the Nordics, FICO said in a press release. Respondents represented firms in financial services, telecommunications, retail, ecommerce and media service providers.

The survey found that while 68% of respondents reported that their organizations’ volume of attempted data breaches has increased over the past year, just 36% of Canadian firms polled felt that an assessment of their organizations’ cybersecurity in a year’s time would show improvement, compared to 53% in the U.S. And despite all Canadian respondents predicting that the number will continue to rise over the next year, 46% believed their organization’s level of investment in cybersecurity will increase to keep up.

“It is surprising to hear that few firms plan to make additional investments in cybersecurity when there seems to be a clear understanding that the risks are continuously rising,” said Kevin Deveau, vice president and managing director of FICO Canada, in the release. “The stakes are higher now – with Canada’s Digital Privacy Act requiring companies to soon start reporting their breaches to regulators and customers, by not taking steps to ensure they are protected, organizations risking not only their data, but their reputations as well.”

Although most Canadian companies (76%) report having ongoing monitoring, scoring and reporting services to monitor cybersecurity risks, in the event of a breach they are less prepared than their global peers. Only 44% of Canadian executives reported that their organization have a tested data breach response plan, significantly lower than the 52% of respondents from the U.S.

“How a company responds to a data breach is critical,” noted Andrew Kellett, principal analyst for IT security, who conducted the research for Ovum. “Customers trust businesses with a great deal of personal information, and it’s not just the large organizations which are being targeted by hackers. We’re seeing smaller companies who never thought they would be at risk being compromised, and they don’t know where to start. Some simply can’t recover from a cyberattack.”

Founded in 1956, FICO is a “pioneer in the use of predictive analytics and data science to improve operational decisions,” the release said. The company holds more than 170 U.S. and foreign patents on “technologies that increase profitability, customer satisfaction and growth for businesses in financial services, telecommunications, health care, retail and many other industries.”

Founded in 1985, Ovum is part of the Business Intelligence Division of Informa plc, a business intelligence, academic publishing, knowledge and events group. Through its 150 analysts worldwide, it offers expert analysis and strategic insight across the IT, telecoms and media industries. With 23 offices across six continents, Ovum offers a global perspective on technology and media markets and provides thousands of clients with insight including workflow tools, forecasts, surveys, market assessments, technology audits and opinion.