statistics_canada_logo.png (image - 700 x 700 free)

Canadian Survey of Cyber Security and Cybercrime


Why are Statistics Canada data on the Serene-risc website?

Statistics Canada is Canada’s national statistical office. It ensures that Canadians have access to the important information about Canada's economy, society and environment so that they can function effectively as citizens and decision-makers. Serene-risc is a knowledge mobilization network that allows the community to better protect themselves from IT threats and minimize consequences.

In collaboration with Statistics Canada, SERENE-RISC is providing access to recent and unique data on cybersecurity and cybercrime in Canada. These data were collected as part of the 2017 and 2019 Canadian Survey of Cyber Security and Cybercrime, which aims to better understand the impact of digital risks on businesses of all sizes. The collaboration of the two organizations aims to facilitate a wider dissemination of the results of this survey and to enable businesses, federal, provincial and municipal government agencies, researchers, and the general population to access reliable statistics to improve their level of protection against cyber risks.


What is the purpose of the Canadian Survey of Cyber ​​Security and Cybercrime ?

Canadian businesses continue to rapidly embrace digital technologies, exposing them to greater cyber security risks and threats. However, the impact of these risks and threats on business investments and day-to-day business decisions is not easily understood, as cyber security incidents are often not reported.

The Canadian Survey of Cyber ​​Security and Cybercrime is the first of its kind in Canada and one of the most comprehensive surveys on cyber security and cybercrime in the world. It aims to fill some of the statistical gaps by presenting a picture of the current threat environment in a way that was not previously possible, by providing new and up-to-date information on the behavior of Canadian businesses responding to cyber security challenges.

It collects data on the impact of cybercrime on Canadian businesses as well as data on their activities to mitigate the effects of cyber security incidents. The survey also measures investments in cyber security measures, cyber security training, the types of cyber security incidents impacting businesses, and the costs associated with responding to these incidents. The survey makes it easy for businesses to compare their situation to that of their industry, and to easily and quickly create reports on a variety of topics.


Where do the survey data come from, why are they reliable and how were they compiled?

This is a mandatory survey, which makes its results extremely valuable in creating a complete picture of the cyber security landscape in Canada. Data are obtained directly from respondents using electronic questionnaires. The target population includes businesses with operations in Canada with 10 or more employees in all sectors except government. The sample size was over 12,000 firms, and the response rate was over 75% in both 2017 and 2019.

Since businesses are not always aware of cyber security incidents that have affected them or are unwilling to report certain incidents, the survey results may have been affected by an underreporting bias.

Businesses were only asked to report incidents that impacted them. As a result, incidents that companies deemed not impactful are not captured in these data.

To find out more, click here.


What guidelines were given to respondents who participated in the survey?

In order to fully understand this survey, do not hesitate to consult the "Information for respondents" (2017 - 2019) section of the questionnaire which will inform you about the general guidelines for respondents as well as provide a description of the questions administered.

Can the survey data be compared over time?

Most of the survey questions were asked in a comparable way from 2017 to 2019, so comparisons between the reference years can be made for most indicators. However, a few exceptions do exist due to definitional and methodology changes for particular questions. Several questions also changed numbers from 2017 to 2019. These changes are noted in the concordance file provided below.


How can I access the survey?

To access the results of the Canadian Survey of Cyber ​​Security and Cybercrime and download them as aggregated tables in Microsoft Excel format, click on the icons below:

Stat-2017.png (thumb - 200 x 200 free)              Stat-2019.png (thumb - 200 x 200 free)

To access to the concordance file, click here.

To access the microdata of the survey, the usual procedure continues to apply.


Can I freely use the results of the survey?


The survey was conducted by Statistics Canada and sponsored by Public Safety Canada; Royal Canadian Mounted Police; Natural Resources Canada; Communications Security Establishment; Innovation, Science and Economic Development Canada; and Public Services and Procurement Canada. It is distributed by the Smart Cybersecurity Network (SERENE-RISC) and publication by Serene-risc is authorized under the Statistics Canada Open Licence.

Statistics Canada's Open Licence governs the use of most data products and other materials published by Statistics Canada.

This license allows you to use Statistics Canada's information without restriction as to its sharing and redistribution, for commercial and non-commercial purposes.

For more details on this license and its specific terms and conditions:


Who do I contact for more information?