Canadian businesses have urged governments to establish “cyber firefighting teams” to handle sophisticated, artificial intelligence-powered cyberattacks, according to the “KPMG Private Enterprise Business Survey” published by KPMG in Canada.
The survey results revealed that 83 percent of Canadian businesses were concerned they could not overcome current or next generation cyberattacks. Eighty-six percent considered cyberattacks to be the biggest threat to three-year growth plans.
Eighty-eight percent were worried that nation-state actors were employing a “harvest now, decrypt later” tactic, keeping encrypted corporate, medical or defence data such as those passed through current AI models. They would then decrypt these data once quantum machines were able.
Thus, 89 percent supported the establishment of cyber firefighters to tackle such cyber incidents. Ninety-four percent called on all levels of government to prioritize cybersecurity and expected the federal government to set cybersecurity standards and guidelines.
“The call for cyber first responders isn't just theoretical, it reflects a growing consensus that we need to act now. Business leaders see cyber risk as the biggest barrier to growth, and many worry about their ability to withstand the next wave of attacks. AI and quantum will redefine the threat landscape, but with the right investment in rapid response and resilience, we can turn fear into confidence and keep our digital economy thriving,” said Imraan Bashir, KPMG in Canada partner and national public sector cyber leader, in a statement.
Business leaders have been bolstering their use of AI in cybersecurity, with 89 percent reporting that it has had a significant effect on their organizations. Moreover, they are adopting AI-resistant digital keys that resist near-term quantum attacks, conducting yearly cyber tabletop exercises, and running regular system audits.
However, 84 percent of respondents said that in staff training, cybersecurity was a “tick-the-box” initiative that was not optimized.
“Good cyber hygiene is the first line of defence against any type of breach or attack so it's crucial that this training is engrained among all employees. With attacks becoming more sophisticated, leaders need to embed cyber awareness into everyday culture, not just annual compliance. This means making training continuous, practical, and relevant so employees become the first line of defence, and not the weakest link,” said Hartaj Nijjar, KPMG in Canada’s national leader of risk services and cybersecurity.
Nijjar called for the public and private sectors to collaborate on rapid-response capabilities boosting national resilience to cyberattacks.
“As Canada becomes more reliant on digital infrastructure, the risks posed by cyberattacks are now just as serious as natural disasters like wildfires, floods, and tornados. These attacks can come fast and without warning, often overwhelming even the best-prepared organizations. It only takes one major cyber incident to destabilize essential services, disrupt the economy, and erode public trust,” Nijjar said.
The ” KPMG Private Enterprise Business Survey” obtained responses from 501 business owners or executive level C-suite decision makers at Canadian companies via Sago's premier business research panel. The survey period ran from September 11 to October 2.