PwC’s Global State of Information Security Survey (GSISS) 2016, found that Canadian companies are taking steps toward establishing holistic, integrated safeguards against cyber-attacks. While investment in safeguards against cybersecurity threats have increased by 82 percent year over year, it still accounts for an average of only 5 percent of overall information technology (IT) spending, according to the survey.

“There are three areas where public and private sector organizations are heavily investing in cybersecurity right now: solutions to manage how employees, customers and third parties access and use data; outsourced managed security services to monitor and detect security events more efficiently; and data privacy compliance in anticipation of mandatory breach notifications,” said David Craig, partner, Cybersecurity & Privacy Practice, PwC Canada.

According to the GSISS report, 50 percent of respondents have a chief information security officer (CISO) in charge of their security program. In addition, 59 percent of responding businesses are investing in cybersecurity insurance to help mitigate the financial impact of cybercrimes.

Based on the results of the survey and as part of an expanding digital service offering, PwC Canada is launching a digital game that simulates the speed and complexity of real-world cyber breaches, called Game of Threats, to help executives better understand how to resource and protect companies. The interactive game aims to help users learn about different threats, identify reputational, operational, financial and regulatory impacts, as well as understand what can be done to prevent an attack.

“Overall, the [report] provides solid evidence that Canadian companies are taking steps towards mitigating cyberattacks, but the threat is still very real,” said Richard Wilson, partner, Cybersecurity & Privacy Practice, PwC Canada. “This issue has evolved far beyond data loss. Beyond financial and reputational damages, we are seeing impacts to competitiveness, product and service quality, employee retention, and the health and safety of both employees and the public.”