A report from the Canadian Securities Administrators (CSA) has revealed that 51% of firms registered as investment fund managers, portfolio managers and exempt market dealers saw a cybersecurity incident last year.
The survey named ‘CSA Staff Notice 33-321: Cybersecurity and Social media’ saw a 63% respondent rate, with 649 firms taking part.
Phishing was the most common occurrence, with recorded instances in 43% of firms. Phishing is a fraudulent act whereby companies are falsely impersonated in an attempt to secure sensitive information such as financial details, personal details and/or passwords.
Other common instances included malware incidents (18%) and fraud in the form of email, fund transfer or securities attempts (15%).
However, whilst a high number of firms reported cybersecurity instances, the report from the CSA also noted that only 57% of firms surveyed have procedures set in place that address continuing operation during a cybersecurity incident.
Additionally, only 56% have policies in place to train employees on how to deal with such threats, whilst only 59% of firms have any sort of cybersecurity insurance.
These statistics demonstrate a significant lack of awareness or precautionary measures set in place to counteract cybersecurity threats by a large number of Canadian firms, something that is likely to cause consistent problems within firms if not addressed, particularly considering the high number of cybersecurity incidents recorded.