Canadian Companies Lag in Cybersecurity Investments, According to Global Survey


  • 76 percent of surveyed Canadian executives believe the number of data breach attempts will be higher in a year, yet fewer than half say that their organization's investments in cyber security will increase in that same time period.
  • 68 percent of respondents report that their organizations' volume of attempted data breaches has increased over the past year.
  • Just 36 percent feel that an assessment of their organizations' cybersecurity in a year's time would show improvement, compared to 53 percent in the US.
  • Ovum conducted telephone surveys for FICO of security executives at 350 companies in Canada and other countries.


Although recognizing an expected increase in the number of attempted data breaches in the next year, just over a third of Canadian executives believe their organizations' cybersecurity will improve over the next 12 months, according to a new survey conducted by research and consultancy firm Ovum for Silicon Valley analytics firm FICO.

FICO will host a Tweet Chat on the cybersecurity survey with Ovum on 1st June at 11:00 am EDT. Individuals are encouraged to participate using #cybertrends.

In a telephone survey, 68 percent of Canadian firms reported that their volume of attempted data breaches has increased over the past year. Despite all Canadian respondents predicting that the number will continue to rise over the next year, less than half (46 percent) believe their organization's level of investment in cybersecurity will increase to keep up.

Further, only 36 percent believe that an assessment of their organization's cyber security in a year's time will show an improvement — compared to 53 percent in the US.

"It is surprising to hear that few firms plan to make additional investments in cybersecurity when there seems to be a clear understanding that the risks are continuously rising," said Kevin Deveau, Vice-President and Managing Director of FICO Canada. "The stakes are higher now—with Canada's Digital Privacy Act requiring companies to soon start reporting their breaches to regulators and customers, by not taking steps to ensure they are protected, organizations risking not only their data, but their reputations as well."

Although most Canadian companies (76 percent) report having ongoing monitoring, scoring and reporting services to monitor cybersecurity risks, in the event of a breach they are less prepared than their global peers. Only 44 percent of Canadian executives reported that their organization have a tested data breach response plan, significantly lower than the 52 percent of respondents from the US.

"How a company responds to a data breach is critical," said Andrew Kellett, principal analyst for IT security, who conducted the research for Ovum. "Customers trust businesses with a great deal of personal information, and it's not just the large organizations which are being targeted by hackers. We're seeing smaller companies who never thought they would be at risk being compromised, and they don't know where to start. Some simply can't recover from a cyberattack."

Ovum conducted the survey for FICO through telephone interviews with CXOs and senior security officers in 350 companies based in Canada, the US, the UK, and the Nordics in March and April 2017. The respondents represented firms in financial services, telecommunications, retail, ecommerce and media service providers.

Click here for Printer Friendly Version