The Role of Cybersecurity Policy Post COVID-19
Digital Marketing & Communications Specialist
Samuel Associates Inc.
As the federal government considers options to reset the economic, financial and tax regimes in a post-COVID-19 era, there is a tremendous opportunity to introduce behavioural economics as a vehicle for encouraging best practices in cybersecurity for Canadian companies.
In discussions with a variety of businesses as well as our clients, it is clear that they uniformly want to invest in more cybersecurity measures to protect their competitive marketplace position, IP assets and digital infrastructure. They all agree that the traditional government interaction model with business and organizations belongs to the pre-Internet era.
Proposal of a New Tax Credit
While discussing what types of changes would immediately help benefit a business now, an innovative idea was tabled — the creation of a new cybersecurity tax credit for Canadian companies. This new tax credit would help address the current challenges faced by all businesses that are seeking to transform their business models to better align with the digital economy. The cybersecurity tax credit would help to offset the increasing costs of operating and maintaining effective, up-to-date cybersecurity measures while anticipating future security needs as technology rapidly evolves.
Preferential Lending for Businesses with Cybersecurity Practices
Another corporate behavioural change in a post-COVID-19 economy would be preferential lending, certification or insurance rates. Businesses that implement cybersecurity measures and can demonstrate their readiness should benefit from preferable lending rates and terms from government-owned institutions and Crown corporations such as EDC and BDC. In response to the COVID-19 pandemic, the Government of Canada introduced the Business Credit Availability Program (BCAP) to help Canadian businesses obtain financing during the period of economic uncertainty. This measure and other economic measures announced by the government aimed at bolstering the financial and economic systems illustrated both the creative and practical uses of EDC and BDC as fiscal instruments of change.
When it comes to borrowing or bonding, banks, insurance companies and other government entities typically ask a firm to provide its managerial, financial and technical expertise when assessing transactional risk. Why not include a new risk category for cybersecurity preparedness? In this scenario, businesses that are investing in cybersecurity measures are genuinely encouraged to transform and evolve with technology and rewarded for their efforts, rather than burdened with the high costs associated with cybersecurity expenditures. Similarly, the government and associated lending and insurance entities mitigate their exposure to risk without incurring punitive one-off costs after cyber-failures.