Statistics Canada has a data set for Police-reported cybercrime (normalised by 100K population). In 2021 the national average was 184.13 reports per 100K. The report is broken down by census metropolitan area, and guess who is #1? That’s right, the Region of Waterloo. A dubious honour. Are we just better at detecting and reporting? A bigger target? An easier target? More mid-sized companies?
There’s a textual commentary that goes with the charts and data. But i found the most interesting was the type / motive breakdown:
Motive | 2019 | 2021 |
---|---|---|
Business was impacted by any cyber security incidents | 20.8 | 18.1 |
Incidents to disrupt or deface the business or web presence | 3.2 | 3.5 |
Incidents to steal personal or financial information | 6.1 | 5.9 |
Incidents to steal money or demand ransom payments | 8.8 | 6.7 |
Incidents to steal or manipulate intellectual property or business data | 1.6 | 1.8 |
Incidents to access unauthorised or priviledged areas | 3.7 | 3.8 |
Incidents to monitor or track business activity | 1.2 | 1.6 |
Incidents with an unknown motive | 7.9 | 7.0 |
61% of companies reported spending some money to prevent a cyber security incident. That’s 40% who saw no point. And together, that was $10B. 1 in 10 had a ransom related incident, and of those, 82% did not pay.
But, coming back to the headline. How can Waterloo be 2x Ottawa on reported Cybercrime? Comments?