The Canadian Internet Registration Authority (CIRA) has released its 2018 CIRA Cybersecurity Survey, which looks at the state of cybersecurity in Canada.
Alarmingly, the survey found that there is a significant disconnect between Canadian businesses’ awareness of cybersecurity threats and the actions they take to combat them.
Specifically, the CIRA says that 38 percent of respondents said they are unfamiliar with the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s federal privacy law that governs how businesses handle personal information of customers.
This is in spite of the fact that 59 percent of respondents said they store customers’ personal information. Further, 40 percent of respondents said they have experienced a cyberattack in the last 12 months, while one in ten reported facing 20 or more attacks. The number who experienced an attack increased to 66 percent among larger businesses with 250-499 employees, according to the CIRA.
Problematically, while 78 percent of respondents said they were confident in their level of cyber threat preparedness, 37 percent admitted that they don’t have anti-malware protection installed.
Additionally, 71 percent of respondents did not have a formal patching policy, which CIRA notes can expose them to massive security holes. The CIRA also found that only 54 percent of small businesses provide cybersecurity training to their employees, despite the fact that phishing attacks — the most common form of malware among respondents — are designed to directly exploit employees.
Overall, 88 percent of respondents said they were concerned over future cyberattacks, resulting in 28 percent saying they will add cybersecurity staff in the next year.
“Training and awareness are critical to ensuring your business is cyber-secure,” said Jacques Latour, chief security officer of CIRA, in a press statement. “No matter how great your IT team is, anyone with a network-connected device can be the weak point that brings your business down.”
The full 2018 CIRA Cybersecurity Survey can be viewed here.
This article was originally published on MobileSyrup.