While Canadian organizations say they’re focused on fending off cyber risks, more than half report an increase in security incidents over the last 12 months, finds an EY survey. That’s a 29% spike over 2012’s results.
The news comes despite the fact that a further 53% of Canadian respondents said they’d increased their security budget over the last year.
“Canadian companies acknowledge the threat of known cyber risks, but they’re comparatively conservative in the way they’re tackling that threat,” says Rafael Etges, EY’s Information Security practice leader in Toronto. “It’s not so much about handling what’s happening right now, but uncovering the still hidden or unknown cyber threats that are right around the corner, and planning accordingly.”
Only 13% of Canadian respondents prioritize the innovation of security services and technologies to address new and emerging threats.
“Leading businesses do an excellent job of scanning the horizon for the vulnerabilities and risks that often come with new technology,” Etges explains. “Organizations need to review, rethink and, in some cases, completely redesign their information security program to prepare for future technologies in order to capture the full potential benefits of innovation.”
In fact, the survey finds Canada is lagging behind most developed economies in terms of innovation, and trails emerging economies such as Latin America and Asia. Etges attributes this to a mix of factors, including risk appetite, market and culture. The good news is that unlike their global counterparts, Canadian respondents name overall cyber security/threats as a top priority for the next 12 months.
Etges concludes: “Businesses need to be more forward looking. That means having an ongoing process in place for assessing risks. Such a rigorous and robust, paired with innovative information security solutions, will bolster a business’s ability to plan for the future, and react quickly should challenges arise.”