- New research shows that when it comes to cyber risks in the workplace, over a third (34%) of Canadian employees express little-to-no concern about theft of company data
- However, Canadian businesses can do more to support employees – a third (33%) say there is no cyber training at all in their workplace, despite 78% finding it interesting
- Educating employees and building a cyber-aware culture is the first line of protection
Terranova Security, a global leader in security awareness training, is today launching a report that showcases the level of cyber security awareness among workers in Canada. Overall, the research uncovered that Canadian businesses still aren’t doing enough to protect their organizations from cyber threats by not providing proper cyber awareness training and education.
In collaboration with research company Ipsos, Terranova Security surveyed 1,000 Canadian employees and found that the level of concern over cyber risks was alarmingly low. Just over a third (34%) of employees express little-to-no concern about data theft at work, and 16% believe they can’t be targeted at all by cyber criminals.
The research shows there is still confusion among employees over who is ultimately responsible for protecting company data, despite human error being the cause 95% of cyber issues. More than three-quarters (77%) of Canadian employees believe it’s the IT department’s responsibility to protect company data, compared to just 54% who believe they play an essential role.
These findings come at a time when the danger from a breach is at an all-time high. According to the Canadian Anti-Fraud Centre (CAFC), Canadians lost an estimated total of CAD $230 million to fraud in 2021, out of which a sum of CAD $100 million was associated to online fraud.
The research highlights that Canadian businesses are failing to provide employees with enough education on common cyber threats and security best practices. Only 40% of employees say they work in a company where cyber security awareness training is mandatory. 44% haven’t participated in any cyber security training, and a third (33%) indicated that their company doesn’t offer any relevant training at all.
These low training rates aren’t due to a lack of interest from employees; as 78% believe cyber security training is interesting, and 56% have started or completed the training when it’s offered to them.
“The research shows that there’s some work to do on educating people about the important role they play in protecting data at work, but the responsibility doesn’t just fall on them,” said Theo Zafirakos, Chief Information Security Officer, Terranova Security. “It’s clear that security awareness training fell by the wayside for many Canadian businesses, even though cyber crime is rising, and that’s a concern. But employees also have an appetite for learning more about it. These people are the first line of defense against any cyber attack. By investing more in education and building a culture around data security within the business, companies will set up a powerful barrier against any cyber threats.”