Thank you very much, Mr. Chair and members of the committee. It's a real pleasure to be here with you today.
I'm Trevin Stratton. I'm the chief economist at the Canadian Chamber of Commerce. The Canadian chamber is the voice of business in Canada, and represents a network of over 200,000 firms from every sector and region and every size of business. I'm here with my colleague, Scott Smith, the senior director of intellectual property and innovation policy at the chamber.
Banking transactions are increasingly being conducted in new ways, with 72% of Canadians primarily doing their banking online or through their mobile device. Disruptive or destructive attacks against the financial sector could, therefore, have significant effects on the Canadian economy and threaten financial stability. This could occur directly through lost revenue, as well as indirectly through losses in consumer confidence and effects that reverberate beyond the financial sector, because it serves as the backbone of other parts of the economy. For example, cyber-attacks that disrupt critical services, reduce confidence in specific firms, or the market itself, or undermine data integrity could have systemic consequences for the Canadian economy as a whole.
Banks have invested heavily in state-of-the-art cybersecurity measures to protect the financial system and the personal information of their customers from cyber-threats. In fact, cybersecurity measures and procedures are part of the banks' overall security approach, which includes teams of security experts who monitor transactions, prevent and detect fraud and maintain the security of customer accounts.
The sophisticated security systems in place protect customers' personal and financial information. Banks actively monitor their networks and continuously conduct routine maintenance to help ensure that online threats do not harm their servers or disrupt service to customers.
However, cybersecurity issues are marked by significant information asymmetries, where a disproportionate amount of intelligence and capacity resides with large institutions like the federal government, the Bank of Canada and a few large private sector companies, including financial institutions. Yet, small and medium-sized enterprises are no less vulnerable. It is important for them to secure a cybersecurity ecosystem. They are also disproportionately subject to mounting asymmetries in resources, technologies and skills to defend against nefarious adversaries who, with relatively primitive skill sets and resourcing, can inflict excessive financial and reputational damage.
My colleague, Scott Smith, will now outline the cyber-threat landscape facing Canada's small and medium-sized enterprises.