Survey: Canadian Firms Overconfident About Cybersecurity

    Feb 08, 2017

    According to a new Accenture survey, “Building Confidence: Facing the Cybersecurity Conundrum,”65% of cybersecurity and IT executives in Canadian organizations are certain their cybersecurity efforts are effective, but they may be overconfident.

    More than three-quarters of the 124 survey respondents said their top cybersecurity strategies are achieving desired business outcomes, but one-third said they have discovered successful data breaches in the last 12 months.

    The results indicate “that (Canadian) companies have become and remain complacent,” Accenture’s Canadian Cybersecurity Lead Russell Thomas said. “There’s an over-confidence in the marketplace … We really need a wake-up call. Companies need to pay attention to security. Security is at the heart of systems today, supporting an enabling secure business and trusting business.”

    Accenture surveyed 2,000 cybersecurity and IT execs in 15 countries last summer and found that 75% globally are confident in their firm’s cybersecurity efforts.

    Canadian respondents were found to be more confident than their peers in other countries on a range of capabilities, IT World Canada reported.

    But the survey results revealed that Canadian companies don’t invest enough in cybersecurity. Compared to other countries, large Canadian firms surveyed spend the least amount of their IT budget (7.3%) on cybersecurity. Organizations in France spend the most (9.4%) of their total IT budget on cybersecurity, compared to the global average of 8.2%.

    When asked what they would do if they received extra money for cyber security about half of respondents said they would spend it on the same things they’re doing now. According to the survey, only 20% of cybersecurity and IT execs in Canada said they would put the extra money toward mitigating financial loss, while just 22% said they would invest in cybersecurity training for staff.

    The results suggest that Canadian organizations see spending on perimeter-based controls as more important than spending on “high-impact internal threats,” Accenture said.

    The survey did find that organizations in Canada (52%), Germany (52%), and the UK (50%) are the most confident in monitoring for breaches, compared to the global average of 38%.


     This monthly advisory contains brief summaries of recent legislative and regulatory issues that may affect the management of records and information in Canada.

     Want to sign up to receive an e-mail version of the Canadian Policy Brief? It's free! Just tell us a little about yourself and you'll receive a monthly dose of the latest in legislation, regulation, and more.



    © 2017, ARMA International