'Canadian business leaders identify it as the greatest threat to their company's growth objectives,' says expert
Cyberattacks are hurting employers and the number of companies falling prey to cybercriminals is rising, according to a recent KPMG report.
Almost three-quarters (72%) of small- and medium-sized business (SMB) leaders in Canada say they were attacked by cybercriminals in the past year, up from 63% last year, according to the report.
And over two-thirds (67%) say they paid a ransom in the last three years, up from 60% a year ago.
"The rapid escalation in both the frequency and complexity of cyberattacks has Canadian business leaders identifying it as the greatest threat to their company's growth objectives," says Hartaj Nijjar, partner and national leader of KPMG in Canada's cybersecurity practice.
"However, while they understand the risk is growing and significant, our recent poll found 71% of companies are not taking a strategic approach to managing their risk and consider cybersecurity a tick-box in staff training.
Overconfidence among IT professionals appears to undermine cybersecurity efforts, according to a new report from Arctic Wolf.
Part of the problem is that 70% employers says they lack qualified personnel to implement cybersecurity defences or monitor for attacks, according to the recent KPMG Private Enterprise survey of 735 business owners or executive level C-suite decision makers at SMBs in Canada, conducted between Aug. 13 and Sept. 4, 2024.
That number is up from 66% in 2023.
Businesses also report having fewer financial resources to invest in cyber defences (69%), up from 64% last year. And two-thirds (66%) admit their company doesn't have a plan to address potential ransomware attacks.
Many SMBs (75 per cent) are also worried that cybercriminals will use generative artificial intelligence (GenAI). Due to this concern, businesses are starting to make cybersecurity a priority even if most lack the financial resources, with 36% strongly agreeing that their company "is increasing investment in cybersecurity to protect their businesses from AI threats" and nearly 79% are considering bolstering their defences with AI.
"We know bad actors are using generative AI to fast track the path to exploitation, so it makes sense that businesses also adopt the use of AI for risk mitigation," says Nisal Samarakkody, a partner in KPMG in Canada's cybersecurity practice who specializes in the use of AI to tackle cybercrime.
"It not only increases efficiency and productivity while allowing for more intelligent threat detection, it can also result in cost reductions during cyber breaches, which is especially beneficial for small- and medium-sized businesses."
Nearly four million professionals are needed in the cybersecurity industry as the global shortage of workers begins hitting the sector, according to the World Economic Forum. And currently, two-thirds (66%) of cybersecurity professionals say that their roles are more stressful compared to how it was five years ago, a report by global professional association ISACA found.