Cybersecurity in quebec: time of accountability
Surveying Canadian companies for three years now, as NOVIPRO has in collaboration with the Léger firm, has several advantages. In particular, it allows us to monitor the evolution of behaviours and opinions regarding current technology. The subject of cybersecurity deserves attention.
Over the last few years, companies seemed to be in a kind of denial, with the vast majority considering themselves immune from such attacks. Today, the conversation has turned and cybersecurity, with so many cases making – or not making ― the headlines, it can no longer be ignored. An increasing number of medium and large-sized Canadian companies consider this to be a real issue (a jump from 11% to 39% in three years). Despite this, one quarter of companies still do not have a recovery plan in the event of a breach and we actually witnessed a drop in security audits!
Importance of Data Security as an issue for Canadian companies:
- 2016: 11%
- 2017: 35%
- 2018: 39%
Another highlight: Cyberattacks are a taboo subject for half of companies. Indeed, only 49% of those surveyed would notify their clients if they were victims of an attack. Yet, at the very heart of a data breach is valuable data that concerns customers, employees and potentially every stakeholder of the organization. Companies cannot deny their responsibility. Not only must they demonstrate their effectiveness in restoring the situation in a transparent manner, but also their empathy towards the victims. A succession plan with a communication component is the key.
Avec la transformation 4.0 en cours, les entreprises ont une raison de plus de prendre la sécurité au sérieux, sans quoi elles s’exposent à de graves risques. Autre motivation majeure : la récente Loi sur la protection des renseignements personnels et les documents électroniques (la « LPRPDE ») qui oblige désormais les entreprises à changer leurs pratiques en cas de cyberattaque. Après le Règlement général sur la protection des données (le « RGPD ») en Europe, c’est au tour du gouvernement canadien de renforcer les contrôles.
With the 4.0 transformation underway, companies have one more reason to take security seriously, otherwise they expose themselves to serious risks. Another major motivation is the recent Personal Information Protection and Electronic Documents Act ("PIPEDA"), which now requires companies to change their practices in the event of cyberattack. After the General Data Protection Regulation (the "GDPR") was passed in Europe, it was the Canadian government's turn to strengthen controls.
Artificial intelligence to the rescue?
Our study also reveals an increasingly marked craze for artificial intelligence (AI). One-third of companies expect to invest in AI over the next two years. In Quebec, this proportion rises to 42%, representing an increase of 83% compared to 2017. This indicates democratisation, which heralds great changes, particularly in terms of productivity, competitiveness and the increase in the value of our businesses.
Planned AI Investments by Canadian companies over the next two years:
As a final point, when combining AI with cybersecurity we get something very interesting. AI can be a company’s best defence to detect the threat of cyberattacks in real time. Indeed, among the many advances, techniques that analyze user behaviour can be used to detect anomalies, and can thus help to prevent attacks and to react effectively. Its clear that AI and cyber security have a bright future together!
For 25 years we have been accompanying our customers in every sector. Thank you for your confidence and Happy 2019!
About the NOVIPRO/LÉGER survey
The survey was conducted online from November 1 to 21, 2018, with 476 decision makers in IT (300) and other business sectors (176). All respondents were employed by large (500 employees and over) and medium-sized (100 to 499 employees) Canadian companies.