A new survey indicates that while Canadian IT businesses are taking cybersecurity more seriously than in years prior, many do not have the necessary plans in place in the event of a data breach.
The survey, conducted by Canadian IT solutions firm NOVIPRO and polling company Leger in November, polled 476 decision-makers in tech sectors as well as various other industries. All the respondents worked for large or medium-sized companies in Canada.
Cybersecurity still a major concern
28 percent of Canadian businesses admitted they had been a victim of a cyberattack in 2018.
Cybersecurity persists as the biggest area of concern for businesses across the country, with 57 percent owning confidential client information and of these, nearly four in five have already fallen victim to a cyberattack. Twenty-five percent of businesses have no recovery plan in place in the event of a data breach, and nearly half mention they would not inform their clients.
One-quarter (25 percent) of Canadian companies perceive data security as a necessary evil, and this negative perception seems to prevail the strongest in Québec (33 percent). Moreover, while 59 percent of companies had completed a security audit in 2016, only 40 percent of respondents showed as much completion in applying precautionary measures in 2018.
Related: Cybersecurity risk assessment company RootSecure acquired by Arctic Wolf Networks
A quarter of businesses have experienced a cyberattack
While 28 percent of Canadian businesses admit they had been a victim of a cyberattack in 2018, only two percent of Ontario businesses were a victim this year, compared to 34 percent in 2017. Businesses from the Maritimes (43 percent) and Québec (31 percent) suffered the most attacks. The most targeted industries were agriculture (50 percent), construction and real estate (40 percent), and technology, media and telecommunications (37 percent).
Of greater concern, if a data breach occurred, not all companies would want to share this information. Respondents from Ontario businesses say that 79 percent would communicate with their IT team, half (49 percent) would write to clients, and 64 percent would report to police and company leaders. The study found that the most transparent industries with regard to cyberattacks were businesses in agriculture and healthcare, and companies that are most likely to inform their clients in writing are those led by women (57 percent).
AI investment expected to increase
Concerns regarding cybersecurity notwithstanding, thirty-four percent of businesses surveyed intended to invest in AI within the next two years, which signifies a jump of 48 percent compared to 2017. Remarkably, Ontario firms are projected to invest the least, at 35 percent, compared to Atlantic Canada (48 percent), Quebec (42 percent), British Columbia (42 percent) and the Prairies (41 percent).
Some industries also consider AI as a greater priority than others. Fifty-two percent of companies in consumer goods sectors, for example, consider AI a top priority at 52 percent, while only 40 percent consider it a top priority in the technology, media telecoms, and financial services sectors. Companies that work in professional services (23 percent), manufacturing (25 percent), and healthcare (26 percent) are least expected to make any significant investments in AI.
“While it’s wonderful to see Canadian businesses continue to advance and adopt new technologies, like AI, it’s important that companies are properly equipped to manage these new technologies so they become an asset, not an issue,” said Yves Paquette, co-founder, President, and CEO of NOVIPRO. “As Canadian businesses continue to lead the charge on new technologies, they will need to commit to better securities and processes to protect their investments.”
Read the key findings of the report here.