The Daily Swig Web security digest

CSA urges all firms to conduct ‘comprehensive’ risk assessments

James Walker | 23 October 2017 at 11:00

More than half of Canadian businesses experienced a cybersecurity incident in 2016.

Following numerous high-profile data breaches that made headlines around the world, the US has once again found itself firmly in the infosec spotlight over recent weeks.

However, it seems businesses operating north of the border have equal reason to ensure their digital policies are up to date, as a new report from Canadian Securities Administrators (CSA) indicates a troubling proportion of cybersecurity incidents.

According to the CSA, an umbrella organization representing the country’s provincial and territorial securities regulators, 51% of registered firms experienced a cybersecurity incident last year.

Common threats reported included phishing (43%), malware incidents (18%) and fraudulent email attempts to transfer funds or securities (15%).

“Preparation is key to mitigating cyber security threats,” said Louis Morisset, CSA chair, president and CEO of the Autorité des marchés financiers.

“We encourage all firms to perform comprehensive risk assessments, and evaluate the strength of existing policies, employee training programs and response plans as they relate to vulnerabilities in these areas.”