These companies most often faced attempts to steal money or ransom demands, as well as attempts to steal personal or financial data.
A total of 61% of impacted organizations identified external parties as the perpetrator of cybersecurity incidents, while 38% could not identify the perpetrator.
The percentage of businesses that said they spent money to detect or prevent cybersecurity incidents remained relatively the same in 2021, at 61%, compared to 62% in 2019.
However, the amount of money spent by Canadian businesses to detect or prevent cybersecurity incidents increased by approximately $2.8 billion in 2021 to reach $9.7 billion (B$), compared to 2019, said Statistics Canada.
Large businesses spent $4.4 billion, small businesses spent $2.9 billion and medium businesses spent $2.4 billion last year.
Businesses affected by a cybersecurity incident spent just over $600 million to restore their operations, an increase of about $200 million from 2019.
The report also found that many companies had implemented policies and procedures to mitigate risk.
More than six in ten companies had at least one employee responsible for overseeing cybersecurity risks and threats in 2021, while nearly four in ten had a consultant or contractor to manage threats. Nearly a third of companies updated their operating systems monthly or more frequently.
The report was based on data collected from January to March 2022.