Canadian Underwriter
News

Canadian firms may be overconfident in their cybersecurity preparedness: FICO survey


June 21, 2017   by Canadian Underwriter


Print this page Share

Canadian firms, particularly those in the telecommunications sector, may be overconfident in their cybersecurity preparedness, according to a recent survey conducted by research and consultancy firm Ovum for Silicon Valley analytics firm FICO.

For the survey, Ovum conducted telephone interviews for FICO of senior security executives at 350 companies in Canada, the United States, the United Kingdom and the Nordics, FICO said in a press release on Tuesday. Respondents represented firms in financial services, telecommunications, retail, ecommerce and media service providers.

The survey found that 45% of telecommunications sector respondents rated their firms as “top performers,” while 18% ranked their firms as “above average.” Overall, 28% of respondents viewed themselves as top performers in their industry, and 24% felt they were above average in their preparedness.

These results were reported, even though 76% of those polled expected that the number of attempted data breaches would increase over the next year, indicating possible overconfidence in cybersecurity readiness, FICO suggested in the release. Respondents from the telecommunications sector were the most confident and also apparently the most committed when it comes to increasing levels of investments into cybersecurity over the next year, FICO reported. According to the survey, 64% of industry firms plan to increase spending in the next 12 months.

Related: 36% of polled Canadian firms have no cyber security insurance: FICO

“Given the scope and sensitivity of the consumer data within their possession, it’s reassuring to see telecommunications firms focusing heavily on cybersecurity, especially considering Canadian organizations are lagging globally in terms of cybersecurity investments,” said Kevin Deveau, vice president and head of FICO Canada. “It’s reasonable to believe that those who have not been majorly compromised might evaluate themselves as a ‘top performer,’ but in a world of constantly evolving threats, we caution firms not to become overconfident.”

Deveau pointed out that “it takes more than just firewalls to be prepared for an attack. To be truly equipped, firms should be thinking about analytics as well. This allows them to learn from any attempted breaches and continue to strengthen their defences over time.”

FICO also released their cybersecurity preparedness results for the United States on Tuesday. The results found that more than half (54%) of U.S. firms surveyed said that they are better prepared for data breaches than their competitors, with telecommunications firms also the most confident of industries surveyed. In total, 55% of telecommunications respondents claimed that they are top performers and an additional 36% rated their firms above average. Healthcare firms were least confident, with 48% responding that their standards are below average or they don’t know how they rate against competitors.