#CyberFLASH: Many private companies in the dark about cybersecurity vulnerabilities

imageWhile 88% of private companies in Canada “agreed or strongly agreed” that cybersecurity is an important issue for their organization, firms are in the dark about what they need to do, where their vulnerabilities lie and what to do about them, suggests a new report from PwC Canada released this week.

The study, PwC Canada’s 10th annual Business Insights Survey of Canadian private companies, titled Balancing digital opportunity with cybersecurity risk, found that 42% of respondents said that they’ve never conducted formal cybersecurity employee training. A total of 52% of respondents also said that “employee training related to cybersecurity is not a priority for their business.”

Respondents cited hackers (66%), former employees (41%) and competitors (32%) as their most likely sources of cyberattacks. “Today’s cybercriminals often target companies that have been slower to invest in security as a platform to launch an attack on other organizations,” said Jason Green, director in PwC’s Cyber Resilience team, in a statement. “Private companies need to assume a stronger security posture. When clients hire us to conduct security testing, we can bypass their technical security controls nearly every time.”

The cost to a business that is hacked may be measured by loss of customers, lawsuit payouts, interruption to business or reputational damage, the statement notes. “Investing in cybersecurity will pale in comparison to the costs associated with being in the middle of a large scale breach,” added David Craig, leader of PwC’s Risk Assurance Services Cybersecurity and Privacy practice.

The report suggests that companies look at a “customized and scalable solution” that addresses a company’s specific vulnerabilities and critical information protection requirements, rather than investing in “off-the-shelf” packages. Companies should also:

Read more here

About canux
© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.