Research from KPMG in Canada indicates that more than nine in 10 (94 per cent) small- and medium-size Canadian companies say they surveil for potential cyberattacks but only half (56 per cent) actually test the effectiveness of their cyber-defences, and less than two in five feel they can fully detect and fend off cyberattacks. KPMG’s Cyber Security Poll surveyed business owners or decision makers at primarily medium-size business and 1,000 Canadians for their views on how well companies can defend themselves from the growing threat of cyberattacks and address consumer expectations.
The poll research revealed that few companies integrate cyber security into their governance and management processes, and few companies are adequately prepared to ward off a cyberattack. Only 38 per cent say cyber security is “deeply embedded” into all aspects of their business, and only 39 per cent are “very confident” in their ability to detect and respond to an attack.
“While many businesses have access to many of the cyber security tools they need, it is critical that they integrate them into their operations at every level, as an attack can come from anywhere,” says Hartaj Nijjar, partner, cyber security, KPMG in Canada.
“If you don’t have the right security controls embedded by design, you’ll be more exposed,” adds Nijjar. “With cybercrime intensifying, Canadian businesses need to make this a priority to protect not only their own data but that of their customers.
Consumers are paying much closer attention to the risks and are holding companies to account for protecting their data. Our poll research shows that companies could be doing more to improve their cyber security culture.”