Canadian Small and Mid-Sized Businesses Report Decreasing Confidence in Protecting Their Data from Cyberattacks

Next story

Nearly half of Canadian employees believe their business is at risk of a cyberattack

TORONTO, ON – September 29, 2017 – According to new research, only a quarter (26 per cent) of Canadian employees at small and mid-sized businesses (SMBs) are very confident that their organization would be able to keep their business and its information safe from a cyberattack. This number is alarming, especially since it represents a seven-point drop year-over-year, indicating that there is a growing concern and need for cybersecurity awareness among Canadian businesses. 

Businesses are not investing enough time and money to remove potential for human error 

The research, commissioned by ESET Canada, also reveals that nearly half (46 per cent) of Canadian SMB employees believe their business is at risk of experiencing a cybersecurity attack. However, even with this level of concern, the overwhelming majority indicate that they spend enough time and money protecting their data. In fact, only 14 per cent of SMB employees recognize that they do not spend enough time and money on cybersecurity.

In addition, SMB employees also believe that cyberattacks on businesses have risen:

  • Almost three quarters (73 per cent) believe attacks have increased within the last year alone
  • Three in four (74 per cent) think they have increased in the past two years
  • Sixty-nine per cent agree that attacks have increased in the past five years

“Canadian businesses believe that cyberattacks are on the rise, but they don’t spend enough time and money to mitigate against them,” said Iva Peric-Lightfoot, Country Manager, ESET Canada. “Safeguarding your business against cyberattacks is not only about the physical systems and software in place that protect your data, but also the policies and procedures that help eliminate human error.”

Knowledge and training are key concerns for businesses

When asked to identify factors that contribute to concerns about their organization’s level of cybersecurity, the research reveals that SMBs are not doing enough to arm their employees with cybersecurity education. Other factors contributing to concerns about an organization’s cybersecurity include: 

  • Lack of knowledge among staff about how their organization could be attacked (35 per cent)
  • Lack of knowledge about how their organization is currently being protected (24 per cent)
  • Lack of time spent on staying current with cybersecurity issues (23 per cent)
  • Lack of investment in cybersecurity protection systems (19 per cent)

To help companies get started, ESET has a free training module for cybersecurity awareness, which is available for download and distribution by any organization to its employees, regardless of whether they use ESET’s software or not. The complimentary online course takes approximately two hours to complete and participants are given a certificate upon completion.

“AT ESET, we believe that knowledge is critical to protect one of your businesses’ most valuable assets,” said Peric-Lightfoot. “With cybersecurity awareness month in mind, we encourage Canadian businesses to look at their current cybersafety best practices and identify areas for improvement, including employee training and education.”

For more information or to download the free training module, please visit:

Survey Methodology
These are some of the findings of an Ipsos poll conducted between August 28th and September 7th, 2017, on behalf of ESET. For this survey, a sample of 1,003 Canadian adults employed at small businesses (defined as companies with 5-99 employees) and medium businesses (defined as companies with 100 to less than 500 employees), who work in IT, are senior management or who have a broad knowledge of their company’s IT policies and procedures was interviewed. Weighting was then employed to balance demographics to ensure that the sample's composition reflects that of the adult population according to Census data and to provide results intended to approximate the sample universe. The precision of Ipsos online polls is measured using a credibility interval. In this case, the poll is accurate to within ±3.5 percentage points, 19 times out of 20, had all Canadian adults employed at small and medium businesses in these job functions been polled. The credibility interval will be wider among subsets of the population. All sample surveys and polls may be subject to other sources of error, including, but not limited to coverage error, and measurement error.

– 30 –

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security, to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real-time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centers worldwide, ESET becomes the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003. For more information visit or follow us on LinkedIn, Facebook and Twitter.

Veronica Bart, Veritas Communications