GLACIER MEDIA — Canadian businesses continue to be harmed by cybersecurity concerns, prompting billions of dollars in new spending to ward off threats last year, Statistics Canada data shows.
A cybersecurity incident, according to the government, is one where a business faces monetary losses, reputational damage and privacy breaches due to criminal online and digital targeting.
In 2021, just under one-fifth (18%) of Canadian businesses were impacted by cybersecurity incidents, compared with 21% of Canadian businesses in both 2019 and 2017 that were impacted, Statistics Canada says.
However, while the number of businesses threatened remains somewhat stable, the cost of preventing cyber threats has increased.
“The percentage of businesses that reported spending some money to detect or prevent cybersecurity incidents remained relatively the same in 2021 (61%) compared with 2019 (62%). However, the amount of money Canadian businesses spent to detect or prevent cybersecurity incidents increased by roughly $2.8 billion in 2021 to $9.7 billion when compared with 2019,” noted Statistics Canada Tuesday.
Risk management for businesses now includes cyber risk insurance, of which 16% of Canadian businesses had, down from 17% in 2019.
“As ransomware becomes more known and utilized by attackers, in 2021, 11% of Canadian businesses that were impacted by a cybersecurity incident were impacted by ransomware. Among these businesses, a large proportion (82%) did not pay the ransom, while a smaller proportion (18%) reported making a ransom payment, with 1% paying more than $500,000.”
Under-reporting of cybersecurity incidents appears problematic, as only 10% of those that were impacted by such an incident reported the incident to police services.
