Sunday, April 2, 2023
Home Tech News Give tax break so small Canadian firms can invest in cybersecurity, Parliament...

Give tax break so small Canadian firms can invest in cybersecurity, Parliament told

Ottawa should deploy a wide range of strategies, including tax breaks, to encourage small businesses to take cybersecurity more seriously, a member of a think tank told a parliamentary committee this week.

“I think the government should incentivize companies to adopt the latest security measures, such as the cybersecurity standard established by ISED (Innovation, Science and Economic Development) and CSE (the Canadian Security Establishment, the country’s electronic spy agency that also protects federal IT networks) for small and medium organizations,” Aaron Shull, managing director and general counsel of the Centre for International Governance Innovation (CIGI) told the House of Commons defence committee.

The standard he referred to is CyberSecure Canada, a program for small and medium-sized firms. Companies that meet certain criteria and pass a security audit can tell customers and partners they have met the certification standard.

Started in 2019, the program hasn’t been widely adopted. A year after the program was announced, IT World Canada found that only three firms had been certified.

“The standard provides a high level of protection,” Shull told the committee, “but its adoption — and this is the problem — has been limited. Implementing a tax benefit system as an incentive to help increase the overall level of cybersecurity in the country and reduce the risk of cyberattacks on businesses would be a way forward.”

Second, the federal government should establish a clear and concise legal framework for  how the private sector can deal with cyber attacks, including guidelines for attribution of attackers, response, and for liability should companies be allowed to hit attackers back. But, he added, the framework should also be “nimble and respond to a fast-changing environment. And the regulations should be driven by “sound policy” and not politics.  The cabinet would set standards, a code of practice and certification programs to act as an integrated compliance program, he said.

Third, Shull said, Ottawa should convene an annual cybersecurity conference for a wide range of stakeholders — companies, the IT industry, provincial, territorial, and municipal governments, academics, Indigenous communities, non-profits — to learn more about cybersecurity and do tabletop exercises. Not all sessions would be open to the general public.

One model, he added, is a “cybersecurity dialogue” that CIGI will host in June in Waterloo, Ont., where it is headquartered.

“In my view, cybersecurity is a whole of society concern for Canada,” Shull explained, “and everyone should do more to address this issue.”

In an interview, Shull noted the CyberSecure Canada program has been put forward by the Standards Council of Canada and the Digital Governance Council (formerly the CIO Strategy Council of Canada). “If you are a small and medium-sized enterprise you will probably be OK” to withstand attacks from unsophisticated threat actors, he said. It’s “relatively rare” for nation-state actors to go after SMEs here, he said.

But the federal government needs to give incentives to the private sector to act, Shull said. “We always wait for the ‘Oops’ moment before we do something.”

He isn’t sure how much of a tax incentive Ottawa should offer, other than “make it big enough that people will actually do it.”

But he added, the economic benefit of having companies spend less on recovering from a cyber attack should increase government revenue, and spur innovation.

- Advertisment -

Most Popular

Call Of The Wilde: Carolina Hurricanes shutout the Montreal Canadiens

The Montreal Canadiens, heading into the final two weeks of the season, invited another difficult opponent into the Bell Centre on Saturday night. The...

Krablr develops generative AI language to boost crab yields

Krablr, the real-time crab pricing engine for amateur fishermen, has announced yet another pivot in its business model. Following a successful transition from crab...

Junji Ito’s Bloodsucking Darkness Manga is Getting a Film Adaptation

Junji Ito is one of the biggest horror creators in manga, and his long career has led to numerous adaptations of his work....

Kim Kardashian Sizzles In Nude SKIMS One Piece For Beach Photoshoot

View gallery Image Credit: BACKGRID Kim Kardashian, 42, looked like a summer dream, in her latest set of photos. The reality star rocked a...