Purchase of cybersecurity solutions the most popular IT investment among Canadian companies: Nordlayer

Purchase of cybersecurity solutions and cybersecurity training account for more than 50 per cent of what Canadian businesses allocate to their IT budget, new research by network security solution for businesses Nordlayer found.

For this research, an external agency surveyed, on behalf of Nordlayer, 500 non-governmental organizations between Mar. 15 and 25, 2023, across Canada, the UK and the U.S..

A sufficient budget is key in choosing comprehensive cybersecurity tools and solutions needed to adapt to the rapidly changing threat landscape, the report emphasized.

Canadian companies are combining different measures to bolster security. Most are using antivirus software (72 per cent), while secure passwords (66 per cent) and file encryption (65 per cent) are the second-highest priorities when creating security policies.

Business virtual private networks (VPNs) remain popular in securing organization network connections, with over half of companies using them. Cyber insurance is also gradually making its way to business cybersecurity, although the focus is on coverage for the consequences rather than preventing an attack.

Carlos Salas, a cybersecurity expert at NordLayer, noted that “cybersecurity funds must be distributed wisely to ensure valuable outcomes, prove the chosen security direction effective, and minimize resources’ waste.”

Accordingly, spending on cybersecurity solutions will remain a priority in 2023, but Canadian businesses will also invest in cybersecurity training for employees, and hiring dedicated staff for cybersecurity as well as commissioning external cybersecurity audits.

Only 4 per cent of companies said they don’t plan to invest in cybersecurity in 2023, of which the majority are small companies.  

The report, however, notes that size does not make one immune. Smaller businesses across the UK, U.S. and Canada continue to experience identity theft (12 per cent), data breaches (11 per cent), insider threats (2 per cent). and social engineering attacks (5 per cent). But small companies still suffer far fewer cyberattacks than large companies. A walloping 90 per cent of large companies say they experienced cyberattacks last year. But they also demonstrated stability in their security spending, consistently allocating an average of 24 per cent of funds designated to IT or cybersecurity needs in 2022-2023.

Phishing (42 per cent) was the most prominent cyber attack in Canada last year, followed by malware (33 per cent), and 27 per cent reported data breaches. 

Interestingly, ransomware attacks that broke the most headlines recently were the least prominent globally. This demonstrates, the report says, the dynamic and unpredictable nature of the cybersecurity landscape. And the frequency of cyber incidents doesn’t necessarily indicate the scale of damage inflicted. 

Canadian companies say they experienced financial losses from cyberattacks ranging from C$5000 to over C$10,000. Numbers could be much higher, as 15 per cent of companies could not disclose how much they lost due to cyber incidents, the report noted.

The report also offers some best practices for developing cybersecurity budgets:

  1. Be aware of cybersecurity challenges and the vulnerability of their business to cyber threats.
  2. Understand what security risks, threats, and scenarios your business is most exposed to
  3. Investigate how the company’s budgets are allocated to different needs
  4. Review your security strategy, see what needs improvement, identify gaps to be addressed
  5. Plan a cybersecurity strategy, explore tools, training, outsourced services, backup plans for threat scenarios
  6. Select solutions and tools that best suit your case
  7. Review and adapt to business needs
  8. Make cybersecurity an ongoing process.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Ashee Pamma
Ashee Pamma
Ashee is a writer for ITWC. She completed her degree in Communication and Media Studies at Carleton University in Ottawa. She hopes to become a columnist after further studies in Journalism. You can email her at [email protected]

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs