The Canadian Internet Registration Authority (CIRA) released its 2019 Cybersecurity Survey Report Oct. 9. The report surveyed organizations to learn more about how they are coping with the increase in cyber threats.

More than 500 individuals with responsibility over IT security decisions at both private and public sector institutions across Canada took part in the survey. Seventy-one per cent of organizations reported experiencing at least one cyber-attack that impacted the organization in some way, including time and resources, out of pocket expenses, and paying ransom.

Another key finding of the report is that while 96 per cent of respondents said that cybersecurity awareness training was at least somewhat effective in reducing incidents, only 22 percent conducted the training monthly or better, while only 41 per cent of respondents have mandatory cybersecurity awareness training for all employees.

Reputational damage

Of those businesses victimized by a cyber-attack, 13 per cent indicated the attack damaged their reputation.

“While technical solutions are important, the best layer of security for any organization is cyber-aware employees. We are happy to see more organizations embracing cybersecurity awareness training as a critical element of their defense. However, there is more work to be done to ensure the quality and rigor of the training offered keeps pace with the ever-changing world of cybersecurity,” stated Jacques Latour, chief security officer, CIRA.