--- description: Cybersecurity measures for businesses are evolving but deepfakes present a rising threat to Canadian firms. GetApp investigates how to avoid attacks. image: https://gdm-localsites-assets-gfprod.imgix.net/images/getapp/og_logo-94fd2a03a6c7a0e54fc0c9e21a1c0ce9.png title: Cybersecurity measures for businesses against deepfakes --- # Over half of Canadian companies have a deepfake response plan in the wake of rising cyberthreats Canonical: https://www.getapp.ca/blog/6866/cybersecurity-measures-canadian-business-deepfake-plan Published on 2024-08-26 | Written by David Jani. ![Over half of Canadian companies have a deepfake response plan in the wake of rising cyberthreats](https://images.ctfassets.net/63bmaubptoky/2NBZv3FBebdLOiUNz9Bt8E/c8c80c3af4869b6a30de83a2b1bb6e57/Biometric-data-executive-cybersecurity-UK-GetApp-HEADER.png) > New and sophisticated cyberattacks, such as artificial intelligence (AI)- generated deepfakes, present a major threat to Canadian businesses. How can they uphold identity theft protection and cybersecurity against more daring cyberattacks? ----- ## Article Content New and sophisticated cyberattacks, such as artificial intelligence (AI)- generated deepfakes, present a major threat to Canadian businesses. How can they uphold identity theft protection and cybersecurity against more daring cyberattacks?In this articleCanadian IT professionals have doubts about biometric security methodsDeepfake response plans are catching on in Canada, but is it fast enough?7 cheap and easy fixes to enhance Canadian company cybersecurityPreparation is better than panicCybersecurity measures for businesses are always evolving. As newer threats using AI breakthrough into the mainstream, companies are adapting to cover risks like deepfakes and their capacity to outwit biometric protections. That was a key finding in GetApp’s Executive Cybersecurity Survey\*, which studied the responses of 2,648 IT and cybersecurity professionals globally, including 235 Canadian respondents.This is leading some businesses to rethink their ways to ensure cyber protection including those previously thought unbreakable like biometric access. Companies should aim to weather potential threats from newer technologies by setting up security provisions, from network monitoring to company training.Key insightsWhile 95% say they are satisfied with the results of using biometrics in their company’s security infrastructure, 54% of Canadian IT and cybersecurity professionals identify privacy concerns as a major challenge of using biometric authentication. 57% say their companies have a dedicated plan for dealing with cybersecurity threats such as AI-generated deepfake fraud.75% of Canadian businesses surveyed have increased their company’s cybersecurity investments over the past 18 months.Canadian IT professionals have doubts about biometric security methodsBiometric authentication has been around for many years and has become the default way to confirm identity for many types of software and hardware worldwide. However, it appears that Canadian companies have doubts about its use compared to other countries.Our data showed that companies in Canada are less likely than many peer countries, such as the U.S. and the U.K., to enforce the use of biometric authentication. Just under half (49%) of Canadian respondents work in companies that require the use of biometrics compared with a global average of 53%. Additionally, less than a quarter of Canadians surveyed (24%) work in a company where biometrics are offered as an optional cybersecurity measure.The vast majority (95%) of Canadian professionals using biometric authentication systems are satisfied, suggesting their ease of use and accuracy in identification may be proving a boon to businesses.Despite the positive assessments, users still highlight concerns. Many of the issues noted are longstanding concerns, such as uneasiness over privacy, cost, and user acceptance. These are all fundamental factors that arise from the implementation of biometrics, suggesting Canadian IT professionals could be slightly more skeptical of these tools from the get-go.  However, over a third (37%) of Canadian IT professionals using these systems highlight the risk of identity theft as a worry.While 73% of Canadian respondents use biometric authentication in some capacity, they also have the highest levels of anxiety about emerging threats such as deepfakes. To illustrate, 78% of Canadian respondents (above the global average of 73%) express concerns about the potential of AI to be used for biometric identity fraud, such as the creation of synthetic fingerprints, facial images, or voices.However, it might be too soon to predict the end of biometric security measures just yet. As shown before, they often prove successful when implemented and can definitely provide a stronger layer of authentication than many other identification methods. That said, with trust in biometrics starting from a low point in Canadian companies, newer threats spurred on by generative AI could slow its future adoption in the country.Biometrics aren’t bullet-proof; Ensure multiple layers of protectionWhile businesses have to rethink using biometric security steps, they are still considered valuable to bolster security. Nevertheless, businesses shouldn’t rely on them solely, or indeed any authentication measure without a failsafe.This was recently demonstrated by the data breach affecting 500 million Ticketmaster users. In this cybersecurity incident, the attack succeeded because the company’s cloud provider had not enforced multi-step authentication for all of their users. \[1\]Therefore, it is vital to ensure that multi-factor authentication (MFA) is used and enforced at the company level to keep every staff member properly secured. Deepfake response plans are catching on in Canada, but is it fast enough?As cybersecurity attacks such as deepfakes embed themselves in the public consciousness, companies should take quick and decisive preparatory action to address the threat.It is always important to have a crisis plan in place for many cybersecurity risks. However, this plan must evolve to cover new and developing threats. Companies need to factor in how a deepfake attack could unfold and how they could react if it has any margin of success. Thus far, more than half (57%) of Canadian professionals surveyed work in companies with a dedicated deepfake response plan. However, this is below the global average of 60%, suggesting Canadians have some catching up to do on this front.Companies are taking many different approaches to prepare themselves against cyberattacks. Overall, Canada stands a little behind the global curve in this survey as demonstrated in the graph below. On the other hand, the country also appears strong in measures such as awareness training, suggesting that local businesses may prove better prepared than others in peer countries. Signs you might be talking to a deepfakeDeepfake technology is often used for nefarious purposes. Hence, it is important to know how to figure out if you’re being scammed. Some common features of deepfake videos include:Jerky unnatural body movement Blurring around facial featuresUnnatural eye movementsUnusual colorationInconsistent audioAdditionally, if you are in doubt about the person you are speaking to, you can easily spot discrepancies by asking them to turn their heads 90° to the side to see a profile view of their face. This method to help prevent deepfakes can disrupt the software algorithm that projects another face onto the speaker as it has to adapt to a shape it is not as used to working with.7 cheap and easy fixes to enhance Canadian company cybersecurityEmerging cyberthreats and technologies are pushing companies to enhance investments to ensure advanced cybersecurity checks. This is reflected in the sample we surveyed in Canada, with 75% of respondents saying their firms have raised investment in cybersecurity over the last 18 months. However, companies can adopt numerous security vulnerability fixes to improve their defenses relatively quickly without spending much on deployment.For instance, we noted that Canadian respondents working in companies that have been hit by cyberattacks in the 18 months prior focus on simple but essential responses, as the graph below indicates. The priorities listed above can be essential for good cybersecurity health and in many cases can be implemented cost-effectively. To ensure Canadian companies ensure proper protection from both conventional threats and newer more technologically advanced risks, we’ve highlighted seven measures that companies could deploy:1. Develop a deepfake planWhilst many in our sample have a deepfake plan in place, a good deal (43%) of companies in Canada don’t have it or are unsure about it. For those without a plan, it is important to rectify the situation.The plan itself should ideally examine ways to strengthen protection against deepfake attacks by prioritizing staff cybersecurity awareness and training. Additionally, it is important to prepare a crisis plan that details steps to take should an attack begin to succeed so proper procedures are in place.2. Provide multiple layers of protectionAs evidenced by recent deepfake fraud and cyberattacks, having multi-factor authentication (MFA) on your systems is key. This ensures that if one form of identification and authentication is breached, there are at least others that could withstand a threat.MFA software is an important inclusion to achieve this. This might involve passwords, memorable information, or even biometrics. Whilst we’ve seen concerns about the security of biometrics, they still offer a great deal of protection and should be considered for at least one step of authentication. When selecting a viable system, it can help to look out for software providers who offer features such as enhanced fraud detection and low-code integrations.3. Audit security at a network levelAt a time when new threats such as deepfakes are rising in profile, it is vital to review your company's network security. Any vulnerabilities in this infrastructure could easily allow a cyberattack to succeed. We found that this was a major priority for Canadian businesses with 53% of our sample whose senior execs were targeted by cyberattackers. This is key to underpinning security.Network security software should be standard in every company. It protects against cyberattacks and data loss by detecting and blocking threats such as viruses, malware, and unauthorized access. It also improves network integrity and availability, creating a more stable and secure IT infrastructure.4. Enforce software update schedulesLeaving software unpatched can have severe security consequences. 45% of the professionals we surveyed in Canada working in businesses targeted by a cyber breach in the last 18 months are now making software updates a priority.Businesses can benefit from deploying patch management software that scans software for updates and ensures they are automatically updated. This will ensure that your tech stack remains fully patched, updated, and secure with the latest security protections.5. Strengthen password policiesA good password policy is a company-wide concern. This is an ever-more-important issue to ensure each step of security is up to the challenge of today’s technical landscape, especially as trust in biometric verification drops. Moreover, a strong password policy will only get more vital as AI tools emerge that can crack passwords with greater ease. \[2\]Implementing self-service password reset (SSPR) software tools can be useful in this regard. They can help ensure staff regularly update their passwords and set parameters for the complexity of a password.6. Provide enough training to executivesExecutives are a prize target for scammers due to their levels of access and oversight of major transactions and decisions in a company. New threats, such as deepfakes, require extra commitment to this goal.Security awareness training software can prove practical for executives and other staff, offering up-to-date guidance on spotting and responding to the latest threats.  7. Encrypt data appropriatelyUnprotected data makes your business an easy target for attacks. Therefore, ensuring that business data is stored and shared securely is essential.Having a strong data encryption solution is key. This makes the data harder to access and interpret without the right authorization, so even if a hacker gets away with information, they may not be able to use it.Preparation is better than panicThere’s no doubt that new threats, such as deepfakes, which can undermine biometric protection, are a cause for concern. However, there is much that can be done to face up to the threat.Extra preparedness needs to be an active focus across a business and should apply to all employees regardless of their position in the business. In our next report, we will investigate this in greater detail and study how companies can do more to protect senior leadership from becoming a target for a cyberattack.Looking for network monitoring software? Check out our catalogue. ## Disclaimer > Methodology\*GetApp's Executive Cybersecurity Survey was conducted in May 2024 among 2,648 respondents in the U.S. (n=238), Canada (n=235), Brazil (n=246), Mexico (n=238), the U.K. (n=254), France (n=235), Italy (n=233), Germany (n=243), Spain (n=243), Australia (n=241), and Japan (n=242). The goal of the study was to explore how IT and cybersecurity professionals are responding to the rising threat of biometric fraud. Respondents were screened for IT and cybersecurity roles at companies that use security software and have more than one employee. Respondents were screened for involvement in, or full awareness of, cybersecurity measures implemented at their company.Sources:Ticketmaster confirms hack which could affect 560m, BBCThis scary AI recognizes passwords by the sound of your typing, PC World ## About the author ### David Jani David is a Content Analyst for the UK, providing key insights into tech, software and business trends for SMEs. Cardiff University graduate. He loves traveling, cooking and F1. ## Related Categories - [Artificial Intelligence Software](https://www.getapp.ca/directory/1397/artificial-intelligence/software) - [Cybersecurity Software](https://www.getapp.ca/directory/1035/cybersecurity/software) - [Help Desk Software](https://www.getapp.ca/directory/287/help-desk-ticketing/software) - [IT Service Software](https://www.getapp.ca/directory/1049/it-service/software) - [Network Security Software](https://www.getapp.ca/directory/1443/network-security/software) ## Related Articles - [AI-enhanced malware and phishing worry Canadian IT pros most for 2025, learn four ways to get secure](https://www.getapp.ca/blog/7229/canada-data-security-worries-it-professionals) - [A guide to digital non profit solutions](https://www.getapp.ca/blog/2370/a-guide-to-digital-non-profit-solutions) - [54% of surveyed senior managers use anti-phishing software](https://www.getapp.ca/blog/4226/protect-business-from-phishing-attacks) - [A comprehensive guide on how to secure data in the cloud](https://www.getapp.ca/blog/3246/how-to-secure-data-in-cloud) - [Data protection and the CPPA: What you need to know](https://www.getapp.ca/blog/2197/cppa-business-compliance-canada) ## Links - [View on GetApp](https://www.getapp.ca/blog/6866/cybersecurity-measures-canadian-business-deepfake-plan) - [Blog](https://www.getapp.ca/blog) - [Home](https://www.getapp.ca/) ----- ## Structured Data