One Third of Canadian SMBs Unaware of the Financial Impact of Cyberattacks Despite Facing Fallout, Okta Survey Finds
25 October 2024 - 12:00AM
Every year, billions of dollars are lost in Canada to cyberattacks,
but new research shows that nearly one third (32 per cent) of
Canadian small and medium-sized businesses (SMBs) that have been
hit with a cyberattack aren’t even aware of the financial impact.*
A new study* from Okta, Inc. (NASDAQ: OKTA), the leading
independent Identity provider, found that SMBs operate within an
unfamiliar and unpredictable landscape facing far-reaching impacts
on their business.
This lack of awareness reveals a significant vulnerability, as
many SMBs don’t recognize the financial consequences of
cyberattacks until they face them. Just over half (58 per cent) are
willing to invest in cybersecurity measures after experiencing an
attack, highlighting that SMBs end up paying the price in the
aftermath. About one-in-five SMBs (16 per cent) invest over
$200,000 in cybersecurity measures following an attack.
“Many SMBs rely on identity via their email providers, assuming
these gaps won’t be exploited. In reality, cybercriminals are
targeting these weaknesses,” said Dan Kagan, SVP and Country
Manager at Okta Canada. “As AI-powered attacks become more
sophisticated, SMBs must strengthen their identity protections to
safeguard operations and, most importantly, customer trust.”
The stressful reality of cyberattacks
While the financial losses for Canadian SMBs due to cyberattacks
are significant, the toll extends far beyond dollars. According to
Okta’s research, close to 60 per cent of Canadian SMB owners rank
cyberattacks as a top concern – second only to inflation and high
interest rates. And nearly a third (30 per cent) of small business
owners who have experienced a cyberattack, report a negative impact
on their mental well-being.
The mental toll also trickles down through organizations, with
close to half (47 per cent) of SMBs worried about the impact on
their employees' mental health. Smaller companies, with limited
staff and stretched resources, find it even harder to rebuild trust
and morale after a security breach, with over 20 per cent citing a
direct impact on employee morale.
“The impacts of a cyberattack on small and medium-sized
businesses in Canada are wide-reaching, encompassing not only
financial but also psychological and operational repercussions that
can disrupt businesses and their workforces for months,” said
Kagan. “Today’s business owners need a proactive and holistic
approach to cybersecurity that can scale with their operational and
budget needs, and as leaders, it’s essential to not only ensure
robust security measures but also to empower their teams with
clarity and confidence.”
Basic security tools leave SMBs exposed in today’s
sophisticated threat landscape
An overwhelming majority – over 75 per cent – of Canadian SMBs
rely primarily on basic security measures like antivirus software,
which are no longer sufficient against increasingly complex
attacks. More advanced solutions, such as identity management (38
per cent) and biometrics (21 per cent), remain underutilized,
leaving many businesses exposed.
The survey also found that a more layered approach to security
leads to higher confidence. SMBs using tools like identity
management and biometrics in addition to multi-factor
authentication and antivirus solutions report higher confidence (75
per cent) in their ability to detect cyberattacks compared to those
that only use multi-factor authentication and antivirus solutions
(64 per cent).
It’s time to focus on security culture
While many SMBs worry about team stress from attacks, fewer
provide adequate cybersecurity training. The survey found that the
majority of Canadian SMBs (70 per cent) are confident that
employees understand their company’s cybersecurity compliance
measures, yet fewer provide employee training on cybersecurity best
practices — with 47 per cent in Canada doing so. This gap between
confidence and action reveals a cultural oversight that can leave
businesses vulnerable, even with the right technology in place.
Fostering a strong security culture is essential for protecting
SMBs from cyberattacks, as it not only empowers employees with the
tools to recognize threats but also builds a collective
responsibility toward maintaining security. Given the significant
risks facing today’s businesses, addressing these challenges
requires more than just technology. It demands a multifaceted
approach that includes tools, resources, and a strong security
culture.
###
About OktaOkta is The World’s Identity
Company™. We secure Identity, so everyone is free to safely use any
technology. Our customer and workforce solutions empower businesses
and developers to use the power of Identity to drive security,
efficiencies, and success. Learn why the world’s leading brands
trust Okta at okta.com.
About the survey*The survey was conducted by
Okta among members of the Angus Reid Forum.. The survey was
conducted between August 20 and 26, 2024. There were 500 small to
medium-sized businesses surveyed nationally in both the USA and
Canada. All data in this report is a result of these surveys unless
otherwise noted.
Agustina Ruiz, Corporate Communications Manager, Americas
Okta
agustina.ruiz@okta.com
Okta (NASDAQ:OKTA)
Historical Stock Chart
From Nov 2024 to Dec 2024
Okta (NASDAQ:OKTA)
Historical Stock Chart
From Dec 2023 to Dec 2024