POST Online Media Lite Edition


More than half Canadian firms experienced cyber security incident in 2016

Staff Writer |
The Canadian Securities Administrators (CSA) published CSA Staff Notice 33-321 Cyber Security and Social Media.

Article continues below

It summarizes survey results of registered firms’ cyber security and social media practices, in addition to providing guidance to firms in these areas.

The survey found that more than half (51 percent) of firms experienced a cyber security incident in 2016.

Common incidents reported included phishing (43 percent), malware incidents (18 percent) and fraudulent email attempts to transfer funds or securities (15 percent).

“Preparation is key to mitigating cyber security threats,” said Louis Morisset, CSA Chair and President and CEO of the Autorité des marchés financiers.

“We encourage all firms to perform comprehensive risk assessments, and evaluate the strength of existing policies, employee training programs and response plans as they relate to vulnerabilities in these areas.”

The notice summarizes results from a survey on the cyber security and social media practices of 649 registered firms, which include investment fund managers, portfolio managers and exempt market dealers.

Questions were structured to gather relevant information on cyber security policies and plans, social media practices, third-party vendors and the frequency of risk assessments.

Registered firms should continue to implement clear cyber security and social media policies and procedures.

CSA staff will maintain efforts to review the cyber security and social media practices of firms through compliance reviews.

What to read next

Two in three bosses at Britain’s biggest businesses not trained to deal with cyber attack
87% of Canadian businesses experienced hacking incidents
Banks don't pay attention to third-party partners' security