Statistics Canada has a data set for Police-reported cybercrime (normalised by 100K population). In 2021 the national average was 184.13 reports per 100K. The report is broken down by census metropolitan area, and guess who is #1? That’s right, the Region of Waterloo. A dubious honour. Are we just better at detecting and reporting? A bigger target? An easier target? More mid-sized companies?
There’s a textual commentary that goes with the charts and data. But i found the most interesting was the type / motive breakdown:
|Business was impacted by any cyber security incidents||20.8||18.1|
|Incidents to disrupt or deface the business or web presence||3.2||3.5|
|Incidents to steal personal or financial information||6.1||5.9|
|Incidents to steal money or demand ransom payments||8.8||6.7|
|Incidents to steal or manipulate intellectual property or business data||1.6||1.8|
|Incidents to access unauthorised or priviledged areas||3.7||3.8|
|Incidents to monitor or track business activity||1.2||1.6|
|Incidents with an unknown motive||7.9||7.0|
61% of companies reported spending some money to prevent a cyber security incident. That’s 40% who saw no point. And together, that was $10B. 1 in 10 had a ransom related incident, and of those, 82% did not pay.
But, coming back to the headline. How can Waterloo be 2x Ottawa on reported Cybercrime? Comments?