The Role of Cybersecurity Policy Post COVID-19
As the federal government considers options to reset the economic, financial and tax regimes in a post-COVID-19 era, there is a tremendous opportunity to introduce behavioural economics as a vehicle for encouraging best practices in cybersecurity for Canadian companies.
In discussions with a variety of businesses as well as our clients, it is clear that they uniformly want to invest in more cybersecurity measures to protect their competitive marketplace position, IP assets and digital infrastructure. They all agree that the traditional government interaction model with business and organizations belongs to the pre-Internet era.
Proposal of a New Tax Credit
While discussing what types of changes would immediately help benefit a business now, an innovative idea was tabled — the creation of a new cybersecurity tax credit for Canadian companies. This new tax credit would help address the current challenges faced by all businesses that are seeking to transform their business models to better align with the digital economy. The cybersecurity tax credit would help to offset the increasing costs of operating and maintaining effective, up-to-date cybersecurity measures while anticipating future security needs as technology rapidly evolves.
Preferential Lending for Businesses with Cybersecurity Practices
Another corporate behavioural change in a post-COVID-19 economy would be preferential lending, certification or insurance rates. Businesses that implement cybersecurity measures and can demonstrate their readiness should benefit from preferable lending rates and terms from government-owned institutions and Crown corporations such as EDC and BDC. In response to the COVID-19 pandemic, the Government of Canada introduced the Business Credit Availability Program (BCAP) to help Canadian businesses obtain financing during the period of economic uncertainty. This measure and other economic measures announced by the government aimed at bolstering the financial and economic systems illustrated both the creative and practical uses of EDC and BDC as fiscal instruments of change.
When it comes to borrowing or bonding, banks, insurance companies and other government entities typically ask a firm to provide its managerial, financial and technical expertise when assessing transactional risk. Why not include a new risk category for cybersecurity preparedness? In this scenario, businesses that are investing in cybersecurity measures are genuinely encouraged to transform and evolve with technology and rewarded for their efforts, rather than burdened with the high costs associated with cybersecurity expenditures. Similarly, the government and associated lending and insurance entities mitigate their exposure to risk without incurring punitive one-off costs after cyber-failures.
Encouraging Cybersecurity Practices to Strengthen Canadian Companies
Addressing this new reality should be a policy priority of the federal government. If not, perhaps Canada’s political parties and economic think-tanks need to be more involved with proposing positive changes and appropriate policy recommendations in a post-COVID economic order. Everyone agrees that the knowledge economy is here to stay. Still, the key challenge will be for government decision-makers, academics and business leaders to make it relevant, inclusive and adaptive for the Internet era. The government has a tremendous opportunity now to promote and encourage best practices in cybersecurity for Canadian companies. Domestic wealth creation and economic sustainability are ultimately in the national interest. Success in the effort to bridge the gap will be the key to Canada’s success in the new global economic system in the aftermath of COVID-19 readjustments.
The contents of this article are sourced by Goran Samuel Pesic from Surviving and Thriving in the Digital Economy, published by the University of Calgary