Canadian CISOs more likely to push prevention than detection to fight ransomware: Survey

Canadian CISOs are the biggest proponents of fighting ransomware attacks through prevention rather than just detecting and responding to them, according to an international survey.

Eighty-seven per cent of the 100 Canadian respondents said prevention rather than detection is the focus of their organization’s defence against ransomware. That’s well above the average of 59 per cent for CISOs in 14 countries questioned earlier this year for Proofpoint’s annual Voice of the CISO survey (Registration required).

Second to Canada among those leaning towards prevention were respondents from Australia (75 per cent), followed by the U.K. (70 per cent) and France (65 per cent). Fifty-eight per cent of American respondents said their organization’s strategy focused on prevention rather than detection.

Most experts feel prevention against any type of cyber attack is better than relying on detection.

On the other hand, the report notes, four in 10 CISOs said their organization doesn’t a plan for whether it would pay a ransom if there was a successful attack.

The 2022 Voice of the CISO survey was conducted between Feb 22 and March 8 involving 1,400 chief information security officers from organizations of 200 employees or more across different industries in 14 countries: the U.S., Canada, the U.K., France, Germany, Italy, Spain, Sweden, the Netherlands, the United Arab Emirates, Saudi Arabia, Australia, Japan and Singapore. One hundred respondents replied from each country.

Canadian CISOs whose firms have cyber insurance are also more optimistic than their peers that it “will be there when needed.” Eighty-eight per cent trust in their coverage, compared to a global average of 58 per cent.  Only 49 per cent of American CISOs believe their organization’s cyber insurance will pay out when needed.

Canadian cyber security respondents were also more optimistic than their peers that their employees understand the role they play in protecting their organizations against cyber threats. Overall, 60 per cent of respondents agreed with that statement. By comparison 87 per cent of Canadian respondents agreed their employees understand they play an important role in cybersecurity. That, by the way, was up from 48 per cent in the 2021 survey.

Interestingly, 78 per cent of Canadian CISO respondents believe human error is their organization’s biggest cyber vulnerability. Only 49 per cent of U.S. respondents agreed with that statement. Globally the number was 56 per cent.

On the other hand, Canadian CISOs respondents were much less confident about their cyber security posture than their counterparts. Seventy-two per cent said they felt at risk of suffering a material cyber attack in the next 12 months, compared with 50 per cent last year. The global average was 48 per cent.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now