Almost a third of Canadian businesses unknowingly divulged sensitive information — including customer data — to phishing scams in 2017.
According to the first Canadian Internet Security Survey conducted by the Canadian Internet Registration Authority (CIRA), this can be traced to a large gap between cybersecurity awareness and personal protection.
-
![]()
Russian hackers tried to attack British energy system -
![]()
Staying safe online when you’re shopping for the holidays -
![]()
Keeping your smart home devices safe and secure -
![]()
Avoiding scams during tax season -
![]()
How to protect your Facebook account -
![]()
U.S., Russia cybersecurity collaboration criticized -
![]()
Trump says he talked joint cybersecurity unit with Putin
“Cybersecurity, whether it be for your home, your business or your corporation, is a prominent subject across all sectors … but the education associated with that is not a one-stop shop. It’s a long, complex process,” said Dave Chiswell, VP of product development at CIRA said in an interview.
While all businesses face cybersecurity challenges as attacks grow more sophisticated, small businesses without the resources to invest in expensive precautions often leave themselves vulnerable to these attacks, Chiswell said.
- Budget 2024 failed to spark ‘political reboot’ for Liberals, polling suggests
- Peel police chief met Sri Lankan officer a court says ‘participated’ in torture
- Wrong remains sent to ‘exhausted’ Canadian family after death on Cuba vacation
- Liberals having ‘very good’ budget talks with NDP, says Freeland
The report states that 77 per cent of small businesses that own their own domain are concerned about becoming the victim of cybercrime, but 36 per cent of respondents surveyed are not currently investing any money in protecting against cybercrime.
“The vast majority of internet users are uneducated, so there’s lots of low-hanging fruit for bad people on the internet,” Chiswell explained.
According to the general manager of Symantec Canada, Ajay K. Sood, small businesses and individual consumers are “woefully outgunned” when it comes preventing online security breaches.
“It’s not a question of whether you can be breached, it’s a question of whether you’re interesting enough to be breached,” said Sood.
Sood adds that the growing complexity of cybercrime makes preventing these attacks especially difficult for small businesses with limited resources. The simplest attacks, such as email phishing scams, can have devastating consequences for small business owners and consumers who don’t know how to recognize them.
-
![]()
Hackers can exploit built-in speakers of smartphones and devices -
![]()
100,000 Bell customers affected by hack -
![]()
The West Block Primer: Election Hacking -
![]()
North Korean hackers focusing their attention on Bitcoin: report -
![]()
White House unsure why Trump excluded election hacking as part of national security plan -
![]()
Aspects of hacks by 3 Chinese nationals similar: U.S. attorney -
![]()
Uber reveals it was the victim of a hack
“Phishing is low tech, it’s just sending an email. But it’s also high crime,” Sood explained.
The CIRA report also goes on to state that awareness about cybercrime is growing, but this hasn’t been accompanied by a decrease in attacks as one might expect. Sood explained why increasing awareness is actually likely to be followed by an uptick in successful attacks.
“At the end of the day, as awareness grows of attacks and cybercriminals, the attack surface is also growing. The more people coming into technology, the greater attack surface you have,” he said.
While it’s become increasingly difficult to prevent a cyber attack, both Chiswell and Sood have suggestions for small business owners looking to increase their security.
Chiswell advised business owners to sign up with a security provider that’s well known and trusted. Sood on other hand urged Canadians to train themselves to recognize at least a handful of potential attacks.
For example, Sood explained that phishing emails usually promise users some extreme benefit for opening their email, such as a large sum of money or other reward, and warn of a detrimental consequence for ignoring it.
“Cyber has to be considered a general threat. What I’m really talking about s a culture change,” said Sood.
Comments