A new cyber security survey released last week and backed by computer technology firm Cisco Canada is revealing what many already know – Canadian businesses in the world of new mobile or cloud-based models have little or no defense for cyber-attacks, but it’s the small and medium-sized businesses, typically struggling financially, that are the most exposed.
Roughly 40 percent of the 498 Canadian firms surveyed in August of this year do not have an effective security strategy ready, or lag behind in preparedness. Canadian firms with fewer than 100 employees accounted for a larger proportion of those without a security strategy (26 percent) compared with organizations with up to 500 employees (11 percent) or larger staff (16 percent).
Many companies do not have the technology-appropriate level of protection for the connected world. Almost 95 percent of Canadian businesses do not know how to protect company data on employee-owned devices.
It is concerning to say the least, given that increases in network attacks over the last decade have increased, and isn’t slowing down. Those small and medium companies need to become more aware of data threats involving hand held devices, but this is difficult for cash-strapped companies trailing in their defenses.
The survey also polled 1,272 employees, and they indicated significant confusion over the use of personal devices. More than half reported are allowed to bring and use their own devices on the corporate network, but 24 percent said they use their own device for work even when they know it is against company policy.
The 2014 survey reported that one in 10 (8 percent) of Canadian businesses overall are still unsure whether they experienced a security threat, attack or breach on their network in the last 12 months. Further, 15 percent of Canadian businesses still do not have a security strategy in place, and only (22 percent), or one in five of Canadian businesses reported they have experienced a threat, attack or breach in the last 12 months.
The challenge now becomes changing security practices so Canadian companies have the right level of security when it comes to protecting sensitive customer data. Ideally, companies need round-the-clock monitoring and protection of their customer data and the right software. This must include detection of penetration, determining points of integration and data transfer, but should not stop there. Once detected, companies need to be in a position to track in real time the who, what, when and the where and how of the hacker(s).
But as the Cisco Canada survey is suggesting, Canadian companies do not have data security at the top of their priority lists, and are complacent. We should care about these findings and not dismiss it as just another study. Hackers, becoming more sophisticated, are finding more ways to penetrate, integrate and steal customer data, your data. If companies continue to display complacency to network protection, wide scale and catastrophic breaches will result.
- New cyber security survey released and backed by Cisco Canada reveals Canadian businesses have little defense against cyber attacks.
- The ones strapped the most that are exposed
- 40% of 498 firms surveyed in August lag behind in preparedness.
- Firms with fewer than 100 employees accounted for a larger proportion of those without a security strategy.
- Data breaches are becoming more and more common in an increasingly connected world.
- Many companies do not have protection against increasingly connected world, cloud, and mobile included.
- Another big issue was that employees are constantly allowed to bring their own mobile devices (BYOD) which puts corporate security at risk.
- company policy
I’m a government cleared cybersecurity expert (a Certified Ethical Hacker), and the Vice-President of Cyber at SIRCO, an investigations and protections firm in Montréal, Canada.
I’m also a frequent contributor to National & Global media reportage about cyber-crime, spying, security failures, internet scams, and the real social network dangers that families and individuals face every day.
Latest posts by tcutler (see all)
- Terry Cutler wins prestigious International Cyber Security and Intelligence Academic and Leadership Awards - November 8, 2017
- Help donate to The Missing Children’s Networkfor the #GivingTuesday #KeepMeSafe campaign for the month of November - November 4, 2017
- Growing need for cyber security spawns new university program - November 3, 2017