Nearly one-half of Canadian SMB employees believe their company is at risk of cyberattack: survey

Nearly one-half (46%) of Canadian small- and medium-sized businesses (SMBs) believe that their organization is at risk of experiencing a cyberattack, according to a new survey from Internet security company ESET Canada.

The research, commissioned by ESET Canada and conducted by Ipsos, used a sample of 1,003 Canadian adults employed at small businesses (defined as companies with five to 99 employees) and medium businesses (companies with 100 to less than 500 employees) who work in IT, are senior management or have a broad knowledge of their company’s IT policies and procedures. In this case, the poll is accurate to within ±3.5 percentage points, 19 times out of 20, had all Canadian adults employed at small and medium businesses in these job functions been polled.

The survey, released on Wednesday, found that one-quarter (26%) of those polled were very confident that their organization would be able to keep their business and its information safe from a cyberattack. “This number is alarming, especially since it represents a seven-point drop year-over-year, indicating that there is a growing concern and need for cybersecurity awareness among Canadian businesses,” ESET Canada said in a press release.

Despite the finding that 46% of Canadian SMB employees believe that their business is at risk of experiencing a cyberattack, “even with this level of concern, the overwhelming majority indicate that they spend enough time and money protecting their data. In fact, only 14 per cent of SMB employees recognize that they do not spend enough time and money on cybersecurity,” the release said.

Related: One-quarter of Canadian small and medium businesses with revenue over $10M victims of cyberattack: study

In addition, SMB employees also believe that cyberattacks on businesses have risen:

• Almost three quarters (73%) believe attacks have increased within the last year alone;
• Three in four (74%) think they have increased in the past two years; and
• Sixty-nine per cent agree that attacks have increased in the past five years.

“Canadian businesses believe that cyberattacks are on the rise, but they don’t spend enough time and money to mitigate against them,” said Iva Peric-Lightfoot, country manager with ESET Canada, in the release. “Safeguarding your business against cyberattacks is not only about the physical systems and software in place that protect your data, but also the policies and procedures that help eliminate human error.”

When asked to identify factors that contribute to concerns about their organization’s level of cybersecurity, the research revealed that SMBs are not doing enough to arm their employees with cybersecurity information, ESET Canada suggested. Other factors contributing to concerns about an organization’s cybersecurity include: lack of knowledge among staff about how their organization could be attacked (35%); lack of knowledge about how their organization is currently being protected (24%); lack of time spent on staying current with cybersecurity issues (23%); and lack of investment in cybersecurity protection systems (19%).

ESET has been developing IT security software and services for businesses and consumers worldwide for 30 years. Its solutions range from endpoint and mobile security to encryption and two-factor authentication.