The IT Nerd

As malicious actors wreak havoc on organizations of all sizes across the country, Canadian businesses are struggling to improve their cybersecurity posture leading to an increased risk of losing customers. Today, CIRA and Commissionaires announce a partnership that will help make cybersecurity training and protection readily available to small businesses regardless of their budget so they can keep their data, networks and customers safe.

With over 120 years of combined expertise in physical and online security, and a common goal to keep Canadians safe, both not-for-profit organizations have been working together to offer affordable, easy-to-deploy cybersecurity solutions tailored to the Canadian market to a wider range of businesses.

Commissionaires, Canada’s largest private sector employer of veterans and the only national not-for-profit security company, is responding to the increased sophistication and frequency of human engineering attacks by reinforcing businesses’ human cybersecurity layer: employees. This ensures employees receive the regular training they need to stay engaged while teaching them to view digital content critically.

This partnership with CIRA will kick off with two flagship solutions:

• CIRA Cybersecurity Awareness Training: designed to reduce human cybersecurity risks, this all-in-one platform leverages end-user gamification to include Canadian stories, privacy laws and institutions while providing risk assessment tools and bilingual courses. Over 200,000 Canadians at more than 400 organizations already trust the platform to affect positive behavioural changes.
• CIRA DNS Firewall: the cost-effective, low-maintenance layer of protection analyzes the DNS traffic of enterprises while also blocking users’ devices and applications from accessing malicious domains, preventing phishing attacks and stopping malware in its tracks. Located in Canadian data centres and peered to Canadian internet exchange points, CIRA DNS Firewall is powered by world-class threat intelligence. 

By leveraging CIRA’s solutions, Commissionaires plans to train thousands of Canadian workers on good security hygiene starting later this month and hopes to reach many more in the coming years.

CIRA and Commissionaires will attend the Colloque Cybersécurité et protection des données personnelles in Québec City on October 10 to discuss the partnership with local ministries, public, parapublic and private organizations.

Additional resources

• Learn more about CIRA cybersecurity services
• For more information about Commissionnaires du Québec cybersecurity solutions, visit: www.commissionnairesquebec.ca

Trust is hard-earned and easily lost; a lesson many Canadian organizations learned the hard way this year as cyber attacks impacted their businesses. Forty-four per cent of organizations reported experiencing a cyber attack in the last 12 months and more than a quarter of the 500 cybersecurity professionals surveyed, said that it had hurt their organization’s reputation (28 per cent) and cost them customers (26 per cent). The reports of reputational damage have quadrupled from six per cent in 2018.

In light of the financial and reputational impacts on their organizations, the latest edition of CIRA’s annual Cybersecurity Survey finds strong support (77 per cent of respondents) for government legislation like Bill C-26, An Act Respecting Cyber Security, to shape cybersecurity in Canada. Despite organizations claiming they typically pay $25,000 to $100,000 in ransomware, three-quarters (74 per cent) support legislation that would prohibit ransom payments. 

The volume of incidents in 2024 has led more organizations to seek cybersecurity insurance. More than 8-in-10 (82 per cent) organizations have cybersecurity insurance coverage, up from 59 per cent in 2021. In response, leading providers have implemented more restrictive measures; most organizations with a policy indicate that their provider has changed their coverage. Changes include verification of current security measures (39 per cent), increased premiums (38 per cent), changed eligibility criteria for obtaining/renewing coverage (37 per cent) and reduced reimbursement amounts for ransomware attacks (30 per cent). 

On the AI front, a staggering 70 per cent of organizations expressed worry about potential cyber threats stemming from AI technology. Of particular concern were data gathered by AI tools and the proliferation of improved phishing emails and texts. On a positive note, more than half of the organizations surveyed have integrated AI tools into their workflow and operations, recognizing the advantages that AI brings to cybersecurity.

The full findings are featured in this year’s survey report.

Key findings

• Cybersecurity in the news: just over 4-in-10 (43 per cent) respondents say their organization has made changes to its cybersecurity approach in response to news about major cyber attacks.
• Ransomware: over one quarter (28 per cent) of professionals report that they have been the victim of a successful ransomware attack in the last 12 months, up from 17 per cent in 2021. Of those, 79 per cent indicate that the organization paid ransom demands.
• Reputational damage: 28 per cent report damage to their organization’s reputation as an impact, compared to only six per cent in 2018 and 19 per cent in 2022.
• The AI threat: 7-in-10 (70 per cent) of respondents are worried about potential cyber threats from generative AI. Organizations are most concerned about data gathered by AI tools (61 per cent) and improved phishing emails and texts (56 per cent).
• The AI advantage: more than half (57 per cent) of cybersecurity professionals say their organization has integrated AI tools into its workflow and operations, up from 44 per cent in 2023.
• Who’s attacking whom: organizations are most likely to perceive profit-motivated cyber criminals as the biggest potential threat (60 per cent), followed by cyber criminals motivated by nationalist beliefs (33 per cent) and foreign state actors (32 per cent).

Additional resources

• 2024 CIRA Cybersecurity Survey executive summary and resource centre.
• Full survey results (PDF)

Today, CIRA announces the premiere of season two of its podcast, What’s up with the internet? focusing on the enduring subject of cybersecurity, online safety and the evolution of cybercrimes. Hosted by award-winning Canadian tech journalist Takara Small, this season of What’s up with the internet? is a revelatory journey full of eye-opening discussions around a topic that has impacted everything from our economy to our healthcare system—and even our elections.

Across six episodes, What’s up with the internet? explores the headline-grabbing cyber attacks on our public institutions, the government’s role in cybersecurity, the stories of those impacted by cybercrimes, the high stakes world of ransomware negotiations and more. Listeners will also receive expert advice on how to keep themselves safe in a shifting online threat landscape.

Season two features commentary and guest interviews from a variety of experts including Sami Khoury, Head of the Canadian Centre for Cyber Security, security guru Bruce Schneier, David Shipley, CEO and Co-Founder of Beauceron Security, Jon Ferguson, Vice-president, Cyber & DNS, CIRA and more.

Ahead of the release of season two, CIRA surveyed its membership on their experiences with hacking and cybersecurity.

Key facts

• 61 per cent of CIRA members have been the victim of a hack or an online scam, with the most common being phishing scams
• 60 per cent of CIRA members don’t trust private organizations with their data, while 39 per cent were only somewhat trusting
• 45 per cent reported that they had experienced their personal data being breached or stolen online
  

Listeners can learn more at cira.ca/podcast and subscribe to What’s up with the internet? on all major podcast platforms, including Apple Podcasts and Spotify.

Today, CIRA is proud to announce $1.25 million in grant funding as part of its Net Good program, going towards supporting 15 new community-led internet initiatives that improve the lives of Canadians. Net Good Grants recipients are advancing community internet infrastructure, implementing solutions to combat online harm and ensuring the internet remains a force for good. CIRA’s commitment this year to the Canadian internet ecosystem will reach more than 50,000 people who will benefit from the tremendous resources, opportunities and connections accessible online. With $12.95 million in community investments deployed across 232 projects since 2014, CIRA Net Good Grants have helped address digital challenges and provided essential funding to underserved groups affected by Canada’s digital divide.

According to research conducted for CIRA’s 2024 Canada’s Internet Factbook, more than three-quarters of Canadians (76 per cent) still report getting their news online—despite Meta’s decision to remove news content from its Canadian services in response to Bill C-18. But with the spread of misinformation and disinformation, some of CIRA’s funded initiatives this year are focusing not only on combating misinformation, but on identifying reliable news sources and keeping their communities safe online.

Whether it’s helping the creation of a trilingual toolkit, the launch of an Indigenous, youth-led podcast in Quebec, or the organization of the 2024 Youth Internet Governance Forum (IGF) in Toronto in September, CIRA understands the critical need to support the next generation of Canadian internet leaders.

The increase in online scams, cyberbullying and sexual exploitation underlines the need to ensure youth are equipped to build healthy online relationships and are provided with the tools they need to use the internet as a force for good. Most of this year’s initiatives focus on online safety to improve Canadian internet users’ technological skills so they can navigate the new reality of AI and cyber threats and improve their lives.

Key facts

Funding this year focuses on three main themes: infrastructure, online safety and policy engagement. Some important data to note:

• 10 initiatives focus on online safety, three are dedicated to infrastructure and two feature policy engagement
• 10 projects (66 per cent) serve students
• Nine projects (60 per cent) focus on supporting remote and rural communities
• Seven projects (46 per cent) serve Indigenous people

2024 CIRA Grant recipients

Alberta

John Humphrey Centre for Peace and Human Rights 
Youth across rural Alberta, Manitoba and Saskatchewan will employ arts-based digital media to articulate their experiences with racism online in knowledge-sharing sessions with policy stakeholders.

British Columbia 

PLEA Community Services 
About 500 school-based workshops aimed at stopping youth sexual exploitation online by giving children and young adults information and practical tools to keep themselves safe from online exploitation and sextortion.

Manitoba

The Pas Community Renewal Corporation 
Installation of a free, reliable wireless network for community residents, visitors and staff of The Pas Regional Library, making high-speed internet and library programs more accessible.

Nunavut 

Kamatsiaqtut Nunavut Helpline 
Virtual workshops and mental health resources addressing online safety, healthy relationships, gender-based violence and cyberbullying; all specifically tailored for Indigenous high school students.

Pinnguaq Association 
Four week-long hybrid camps providing engaging and hands-on education for children in Nunavut and Ontario around online safety, AI, privacy, misinformation and cyberbullying.

Ontario

Wabigoon Lake Ojibway Nation 
Extension of the Nation’s fibre optic network to offer affordable, fast and high-quality internet services for residents and community buildings.

Cyber-Seniors 
A multimedia Cybersecurity Training Toolkit to educate rural-residing older adults in Ontario, Alberta and New Brunswick on how to avoid online scams and stay safe online.

Hackergal 
Online safety will be the focal point of Hackergal’s STEM programming for the 2024/2025 school year, ensuring that girls across Canada receive tailored education and resources to navigate the digital landscape.

Junior Achievement Canada 
A suite of digital, self-directed learning modules for Northern, Indigenous and rural youth aged 12-16 to help them safeguard financial data, evaluate financial advice and understand their digital rights.

Platform
A national educational framework helping women and queer people understand online risks, privacy settings and safe online behavior—reducing barriers to civic engagement and online participation.

Women’s Shelters Canada 
Online modules for shelter workers to address common online safety issues faced by domestic violence survivors in Northern, rural and Indigenous communities.

Toronto Metropolitan University 
A hybrid Youth Internet Governance Forum (IGF) in September 2024 that will provide a platform for young Canadians (18-30) to convene and discuss internet public policy, connectivity issues and global internet coordination. The Youth IGF will include diverse and cross-Canada young stakeholders and rights-holders, building the next generation of Canadian internet leaders.

Saskatchewan

Onion Lake Cree Nation 

Moving the main network hub of the Nation to a new location that’s more accessible for technicians and installing a new fibre optic line, improving affordable connectivity for more buildings and residents of the Nation.

Quebec 

Idée éducation entrepreneuriale
French language online safety educational tools and podcasts co-created and hosted by students addressing cyberbullying, phishing techniques, malware, surveillance, hacking and misinformation.

Wikimedia Canada
A trilingual toolkit and podcast co-created by Atikamekw youth focused on online safety, combating misinformation and promoting accurate information from reliable sources.

Resources

• To learn more about the CIRA Grants program: https://www.cira.ca/en/grants/
• To learn more about all the projects supported in the past decade: https://www.cira.ca/en/grants/history/

A new poll commissioned by CIRA suggests that generative artificial intelligence (AI) and the spread of misinformation are top-of-mind for many internet users across the country. These results arrive months ahead of a U.S. presidential election and a Canadian election next year—a critical time for people to know what’s true online.

The annual survey found that Canadians’ concerns over AI outweigh their excitement for the tools. Half (51 per cent) say they’re concerned about the technology, while only one-in-five (17 per cent) say they’re excited about the development of AI. Among those concerned, most cite its contribution to the spread of fake images or videos (69 per cent), mis/disinformation (67 per cent) and insufficient regulations/controls on its use (65 per cent).

The spread of fake images and videos is also making an impact on Canadians’ online experiences. Two-in-ten Canadians say they have encountered deepfakes online in the past year and one quarter don’t know whether they have. Only half (51 per cent) of Canadians are confident in their ability to detect fraud and scams online—a drop of 16 per cent from 2023. Half (51 per cent) of Canadians believe that deepfakes are a threat to elections in Canada and other democratic countries.

As Canadians continue to navigate a messy information ecosystem, visiting specific news media sites online remains the top method for accessing news online (35 per cent), followed by Google searches about news events (33 per cent). Notably, since Meta’s decision to remove news content from its Canadian services, only 15 per cent of Canadians report accessing news online via Facebook, a decrease from 34 per cent in 2023.

The findings and more are outlined in CIRA’s 2024 Canada’s Internet Factbook.

Key findings

• About one-in-six Canadians (16 per cent) say they have used a generative AI tool or platform in the past year.
• Most Canadians (76 per cent) believe that posting or sharing deepfakes should not be allowed on social media.
• The top methods for accessing news online are visiting specific news/media sites (35 per cent) and Google searches about news events (33 per cent).
• Only half (51 per cent) of Canadians say they are confident in their ability to detect fraud/scams online, down from 67 per cent in 2023.
• Half (53 per cent) of Canadians believe that having a website makes businesses look more credible. 
  

Canada’s Internet Factbook 2024 was developed by CIRA through an online survey conducted by the Strategic Counsel. A total of two thousand Canadian internet users (18+) were surveyed via an online panel in March 2024. Every year CIRA produces Canada’s Internet Factbook through this research to identify trends in Canadian internet access and use. This year CIRA will post a four-part blog series of the most salient findings from its annual survey. The full research results showcasing the latest Canadian internet trends and online user habits can be found here.

For many Canadians, the ability to access, stay safe and succeed on the internet is still out of reach. To help close this gap, CIRA is launching its 2024 grants program to support not-for-profits, Indigenous communities, researchers and registered charities across the country that are working to bridge that digital divide.

Without access to high-quality, resilient internet, or the knowledge to stay safe online, many people remain isolated and at risk. Through its Net Good Grants program, CIRA is leveraging more than 10 years of experience supporting communities, projects and policies that make Canada’s internet better.

CIRA Net Good Grants

CIRA awards grants up to $100,000 for community-led internet projects with over $1,000,000 available in funding.

The program welcomes projects that focus on three core areas to bring about digital development in communities nationwide:

• Infrastructure: connectivity research, network planning and solutions to improve internet access, speed and affordability.
• Online safety: research, educational frameworks, tools, consultations and training programs that increase Canadians’ safety against cybersecurity threats.
• Policy engagement: events, research and policy ecosystem work that broadens public awareness in domestic internet policy and governance.

Applications will be accepted from every province and territory with a focus on projects that benefit rural, Northern and Indigenous communities and K-12 and post-secondary students. CIRA especially encourages applications for eligible projects in the Prairies, Quebec and the Maritimes to help ensure funding reaches traditionally underserved communities.

For the past 10 years, CIRA has invested $11.7 million towards 217 digital equity projects across Canada from revenue generated through .CA domain registrations and CIRA’s cybersecurity services. Learn more about how to apply for a CIRA Grant by visiting www.cira.ca/grants. Interested applicants can also join a webinar in English on March 5 at 1 p.m. ET or in French on March 6 at 1 p.m. ET.

Who is eligible to apply?

• Organizations recognized by the Canada Revenue Agency as registered charities;
• Not-for-profit organizations;
• Indigenous communities; and
• Academics and researchers affiliated with a Canadian university or college.

Applicants are encouraged to submit their applications in advance of the deadline on April 10, at 2 p.m. ET / 11 a.m. PT.

Additional information

• See how CIRA’s Grants are empowering communities: https://www.cira.ca/en/grants/
• For more information about CIRA’s commitment to building a trusted internet for Canadians, visit www.cira.ca/en/net-good/.