Nearly three in five heads of Canadian businesses said they “either suspect of know for certain” that hackers targeted their organizations.
In January 2017, the tax and business consulting firm MNP LLP sat down with 100 Canadian executives of mid- to large-enterprises along with 1,000 Canadian small-business owners to inquire about their organizations’ digital security. Approximately all (93 percent) of the respondents feel their company effectively protected business data. Nevertheless, close to 60 percent said their business suffered a hacking attempt.
A majority of survey participants derived their confidence from their organization’s use of firewalls and other security measures. But Greg Draper, MNP’s vice-president of valuations, forensics and litigation support, feels this confidence is misplaced. He thinks basic security software fails to capture “an understanding of the fulsome responses needed to address risk these days.”
As he went on to explain to The Globe and Mail:
“The big thing to note is the gap between the level of confidence businesses have in thinking they can prevent cyberattacks and their experience is quite different. The level of overconfidence is quite striking.”
Such overconfidence, which we’ve also seen in various U.S. industries, doesn’t end there. Interestingly, a slight majority of respondents said they could feel more confident about their business’s data protection capabilities. This viewpoint is consistent with additional findings where Canadian business heads were twice as likely to view fraud as an industry problem rather than a threat to their business.
To defend against hackers and fraud, organizations should consider proactive and preventive digital security measures. Those tools include endpoint detection and response (EDR), audits, and security awareness training. Draper agrees:
“It starts with awareness, from the boardroom to the warehouse floor, of the risks of cyberfraud and simple steps that can be taken internally to prevent them.”
News of this survey follows about a week after CloudFlare patched an issue in its HTML parser chain that caused a buffer overrun and returned memory containing private information. None of the Canadian business people surveyed said their digital security problems arose as a result of that issue.