(Montreal) A quarter of Canadian companies say they have already been victims of a computer attack in 2021, according to a Léger survey commissioned by the technology firm NOVIPRO.
Posted at 2:36 p.m.
The survey shows that cybersecurity is far from being a hypothetical risk, underlines Dominique Derrier, head of information security at NOVIPRO. “As soon as a company generates value, it appears somewhere on a cyber threat map,” warns the man who is also president of the Association de sécurité de l’information du Montréal métropolitain.
NOVIPRO’s sixth annual IT snapshot reveals that more than half (56%) of Canadian organizations targeted by malware have paid out the amounts demanded by cybercriminals. This difficult decision means that a company must reduce its profit to pay a criminal organization, adds Yves Paquette, president and co-founder of NOVIPRO. “If we had used part of these amounts for prevention, we could easily have avoided any action like that. »
The two experts are surprised to see that only 40% of respondents plan to train their employees in this regard, even though 76% of companies say they have reviewed their cybersecurity practices.
Cybersecurity training is often seen as essential by employers, but not all employers place the same importance on follow-up training to refresh the memory of their already trained employees, Derrier notes. “Cybersecurity requires training, like an athlete. »
He gives the example of phishing strategies, a technique used by fraudsters to obtain personal information often using a fraudulent email or text message. “If we don’t practice recognizing them, if we don’t practice visualizing these elements, we can more easily fall into this trap. Training should be done on a recurring basis. »
In addition to training, Mr. Paquette suggests testing employees. That is, sending fake phishing emails to identify those most likely to get caught and take advantage of their mistake to give them more tools to recognize them.
Telecommuting, an additional risk
The massive adoption of telework has also increased the risk factors for the security of computer networks. Moreover, 43% of respondents fear a breach more since the implementation of hybrid work.
Certain teleworking behaviors can put an organization’s data at risk, explains Mr. Paquette. He notes that the internet or devices used at home may not have the same level of security as devices in the office. “Maybe the computer was used for personal video conferencing at home, maybe your teen is using it to play online games,” he says. Your device is much more exposed to attacks or security breaches. »
Labor scarcity
“Unsurprisingly”, the scarcity of labor is a major concern of respondents, again according to the survey. 45% of respondents said they had difficulty attracting qualified talent. Retaining key resources is also a problem for 36% of them.
Finding qualified workers is not easy in the current market, confirms Marco Babin, Senior Director, Information Technologies, at CDMV, a distributor of products for veterinarians located in Saint-Hyacinthe. The job posting outnumbers the number of employees, making it difficult to find the perfect candidate. ” This is completely crazy ! »
Telecommuting is a double-edged sword, notes Mr. Babin. The fact of offering remote work allowed him to find an employee residing in Quebec. On the other hand, workers in the Saint-Hyacinthe region can also go to work elsewhere, which increases the pool of potential competitors, in particular by adding the major head offices in Montreal “where the salary scales are a little different from ours”.