Concerns about rising cyber threats not translating to bigger IT budgets

Despite feeling they face information security threats, 42% of Canadian businesses have no plans to increase their IT security budgets next year, according to EY Canada.

In EY’s Global Information Security survey, 92% of organizations said they are facing rising threats to the information security, but 42% said their budgets would either stay the same or decrease in 2015.

Related: Cyber attacks, terrorism cited as top emerging risks for 2015: survey

More than half (54%) of those surveyed also indicated that it is either highly unlikely or unlikely that their organization would be able to detect a sophisticated cyber attack.

Thirty-seven percent surveyed indicated that they have no real time insight on cyber risks, and for a further 27% it is only “sometimes” available, the report notes.

“Although we are experiencing ever greater attention on cybercrime in the boardroom and from non-executive directors around the globe, it seems that this interest doesn’t translate into additional money,” the report says.

Related: Quoting, analytics technology top priorities for Canadian insurance industry in 2015

“Nevertheless, there is still a need for more money and resources to face the growing threats effectively.”

Outside of budget only, a lack of skilled resources was also a reported challenge for 57% of respondents.

“Clearly, this situation is not sustainable in the medium to long term,” Gaétan Houle, national IT security practice leader at EY Canada noted in a statement on the survey results.

“Organizations need to find a way to increase their resilience to cyber attacks with the same amount of financial and personnel resources. Support from Managed Security Services Providers (MSSP) could be an option to consider for several small to medium companies.”

Interactive comparison: explore extracts from the survey data