Cybercrime in Canada is on a huge rise, threatening businesses of all sizes but small ones in particular. And if customers don’t see you taking the threat seriously enough, they will go elsewhere.
A report from MasterCard found a 600 per cent increase in Canadian cybercrime since the start of the pandemic. But, it noted, business owners across Canada said they struggle to invest in cybersecurity tools to protect them due to limited resources and lack of know-how to recover after an attack.
Cyberattacks are a matter of when, not if. Mastercard reported that just 16 per cent of Canadian small business owners are certain they know the best steps to take following a cyber attack — not even one in five (only 18 per cent) have total confidence that their business would recover fully from an attack in the next six months.
Added insights from the Insurance Bureau of Canada. Its 2023 Cyber Security Survey found that more than three in five small businesses believe their business is too small to be targeted by cybercriminals. This number rises to 73 per cent for sole proprietors.
Most business owners surveyed were not concerned about their staff posing a cyber risk, IBC reported. However, three-quarters of employees surveyed admit to having taken at least one action that poses a cyber security risk.
While large corporations are common targets for cybercriminals due to their size and level of reward, smaller businesses are often easy targets because they don’t have the same safety protocols in place, nor do they train staff adequately to protect company assets.
IBC’s poll also showed growing employee concerns with cyber safety. For example, a quarter of employees don’t feel they have the tools and training needed to identify potential cyber threats at work. Another one in five (22 per cent) are concerned their actions could contribute to a cyberattack or data breach, while 10 per cent of employees have shared confidential information with a publicly available chatbot or artificial intelligence (AI) platform.
Having a plan and protections in place is important to consumers. MasterCard’s report said data protection measures (57 per cent), accountability (53 per cent) and transparency about past cyber incidents (52 per cent) are the highest factors that influence Canadian consumers’ perceptions of small business security and trustworthiness.
“A robust and transparent cybersecurity plan is essential for small businesses to uphold their reputation and maintain long-term resilience, even as cyber threats increase and evolve,” MasterCard’s announcement said.
IBC’s Liam McGuinty, vice president of strategy, reiterated the heightened risk for small and medium-sized businesses. “Both employers and staff play an important role in cyber security, and regular staff training is a critical component in reducing risk,” he said.
Furthermore, 40 per cent of small business employees indicated they’ve seen an increase in scam attempts over the last year. And employers don’t seem to be investing enough in cybercrime protections. For example, IBC found that seven in 10 (69 per cent) don’t consider cybersecurity a financial priority, just one in five have any intention of purchasing cyber insurance within the next year and 17 per cent don’t think they would qualify for cyber insurance.
“All businesses, but especially those that rely heavily on an online presence and use e-commerce, should consider contacting their insurance representative to help find ways to manage their cyber risk,” added McGuinty. “However, cyber insurance is just one component of an overall cyber risk mitigation strategy — it is not a replacement for cyber resilience.”