Nearly as many fear a data breach at their financial institution
Toronto/Calgary/Ottawa – October 15, 2024 – With cyber attacks on financial institutions on the rise as artificial intelligence (AI) and other digital technologies become more sophisticated, more than three quarters (78%) of Canadians polled are concerned about cyber crime when it comes to online banking, a new national survey shows.
Beyond electronic banking, 76% of respondents expressed concern about the possibility of a data breach at their financial institution in general, with 22% of those being extremely concerned.
Conducted in September and October fielded among members of the Angus Reid Forum on behalf of ISA Cybersecurity, one of Canada’s leading cybersecurity-focused solutions and services providers, the survey polled 1,519 Canadians countrywide about their views on cyber safety related to banking.
“The survey results signal an opportunity for financial institutions to boost their efforts to protect and reassure clients at a time when cyber crime against banks is increasing in frequency and complexity. Canadians are concerned about the potential for service disruptions or data leaks,” said Kevin Dawson, President & CEO of ISA Cybersecurity, referring to a report by the Office of the Superintendent of Financial Institutions (OSFI) that shows “high impact” cyber attacks against banks have nearly tripled in the last year.
Other highlights of the survey include:
- More than half (53%) of respondents are likely to switch to a different financial institution if their current financial institution had a data breach.
- Almost three quarters (73%) of those surveyed said they consider a financial institution’s cybersecurity measures (such as protection from scammers, deep fakes, etc.) when thinking about switching or staying with their current financial institution.
- Close to one-quarter of respondents (23%) aren’t confident in their financial institution’s ability to protect their personal information from cyber threats.
- Canadians are open to doing their part to help banks safeguard their data, with 95% of survey participants willing to use extra security measures, such as multi-factor authentication or phone text codes, to protect their accounts and personal information.
- One in five (21%) of those surveyed would be willing to pay a small fee to get enhanced cybersecurity protection for their accounts and personal information from their financial institution.
- Only 54% of survey participants have adopted the use of biometrics to access their financial accounts, with half expressing concern about scammers mimicking their biometrics data.
- 46% of participants have not used biometric authentication to access financial accounts and 58% of those who have not used it are unlikely to consider using it for authentication.
“Surprisingly, despite increased investments in cybersecurity by Canadian banks in recent years, 62% of those surveyed reported that they rarely, or never, hear from their financial institution regarding cybersecurity practices,” Dawson said. “This presents an excellent opportunity for banks to show leadership in educating their customers about how financial institutions protect them – and how customers can better protect themselves.”
Dawson points to a recent Cost of a Data Breach Report from IBM – with whom ISA Cybersecurity partners to help protect financial institutions from cyber threats – that shows Canadian financial services organizations experience among the costliest breaches, paying an average of $9.28 million (all figures CDN) per breach. The report also found that organizations with extensive use of security AI and automation report costs of $2.84 million less and 54-day shorter breach lifecycles.
“The findings of this report underscore the business imperative for financial institutions to integrate AI and automation into their cybersecurity programs to reduce both the financial impact and business disruption of cyber breaches,” said Daina Proctor, IBM Canada Security Service Line Delivery Leader. “Canadian financial institutions that invest in AI and automation will be better equipped to detect and recover from breaches, reducing the significant costs associated with these events.”
Beyond efforts by financial institutions, there are also steps people can take to guard themselves from being hacked, Dawson emphasized.
He offers these tips for bank users:
- Use strong passwords and multi-factor authentication (MFA): Create complex passwords that include a mix of letters, numbers, and special characters and never use the same password across accounts or services. Consider using a reputable password manager to keep track of your credentials securely. Activate MFA (such as SMS codes or authenticator apps, offered by many Canadian banks) on all your banking and financial accounts.
- Stay updated on scams: Be aware that cyber criminals use AI and other tools to create convincing phishing, vishing, and smishing attacks. Check the Canadian Anti-Fraud Centre website regularly to keep informed about the latest scams so you can steer clear of them.
- Secure your devices: Update your computer and mobile device software regularly to patch security vulnerabilities. Install anti-malware programs from trusted providers.
As for financial institutions, Dawson stresses the need to adopt cutting-edge AI and machine learning technologies to detect and respond to anomalies in real time and employ continuous network monitoring systems; provide regular cybersecurity training for employees so they can recognize and respond to potential threats; and maintain a robust incident response plan that is tested on a regular basis through tabletop exercises.
For more information, and details about how ISA Cybersecurity and IBM are working together to help safeguard financial institutions from cyber attacks – visit www.isacybersecurity.com.
About ISA Cybersecurity
ISA Cybersecurity is one of Canada’s leading cybersecurity services and solutions providers. They serve over 500 clients, from SMB to global enterprise, in finance, government, healthcare, education, and more. For over three decades, they have been providing customers with advisory and technical services on complex and evolving issues related to cybersecurity. In addition to Canadian offices in Toronto, Ottawa, and Calgary, and an office in London, England, ISA Cybersecurity operates a world-class, 24/7/365, SOC 2 Type 2 security operations centre in Ontario. They are recognized as a Major Player in both the latest IDC MarketScape: Canadian Security Services Vendor Assessment and the latest IDC MarketScape: Canadian MDR Services Vendor Assessment. Learn more at www.isacybersecurity.com.
About Study Methodology
These are the findings of a study conducted by ISA Cybersecurity from September 25 to September 30 among a representative sample of 1,519 online Canadians who are members of the Angus Reid Forum. The survey was conducted in English and French. For comparison purposes only, a probability sample of this size would carry a margin of error of +/- 2.3 percentage points, 19 times out of 20.
Media information and to set up interviews:
Lindsay Ringuette
Senior Director, Marketing and Communications
647-571-9026
lindsay.ringuette@e-isa.com