Article content continued

“Overall, it’s a very positive initiative,” said Saj Nair, a partner and cybersecurity consulting leader at PwC Canada. “It will make (Canadian businesses) more resilient.”

The effect of cyber crime on Canadian GDP is lower than in the U.S. (0.17 per cent versus 0.64 per cent), but the reason for this gap may be underreporting and a lack of data, according to a Fraser Institute report.

The lack of data is because companies do not want to admit that they were victim to a hack, particularly because of the perceived liability, said Ray Boisvert, president of I-Sec Integrated Strategies and a former assistant director of the Canadian Security Intelligence Service.

Cyber attackers know this too and use this vulnerability to their advantage, and since companies aren’t sharing information with competitors or others, others fall victim to similar attacks. “Adversaries and attackers are extremely good at collaborating,” Nair said. “The defending organizations are not as great,” he says.

That’s why a key tool in the fight against cyber attacks is information sharing.

“If one organization notices an incident, if they can quickly pass that information on to other organizations, then we will help a lot of other organizations from falling victim to the same breach,” Nair said.

There have been some very high-profile cyber attacks recently. For example, a group of hackers in November 2014 got into Sony Pictures Entertainment’s systems, wreaking an unprecedented amount of havoc. The personal information of 47,000 employees and actors was leaked, including details such as social security numbers and salary information.