Canadian Survey of Cyber Security and Cybercrime (CSCSC)

Detailed information for 2022

Status:

Active

Frequency:

Occasional

Record number:

5244

The purpose of the Canadian Survey of Cyber Security and Cybercrime is to measure the impact of cybercrime on Canadian businesses. For reference year 2022, the survey will be known as the Public Sector Survey on Cyber Security and Cybercrime (PSSCSC) with a focus on the Canadian public service and crown corporations.

The survey gathers information about:
- The measures organizations have implemented for cyber security, including employee training;
- The types of cyber security incidents that impact organizations; and
- The costs associated with preventing and recovering from cyber security incidents.

Data release - October 18, 2023

Description

The 2022 Public Sector Survey on Cyber Security and Cybercrime is conducted on behalf of Public Safety Canada. This survey was launched because of the need to benchmark and monitor the rapidly evolving environment surrounding cyber security and cybercrime. The data collected serves the following broad objectives: to further understand the impact of cybercrime on the Canadian public service and crown corporations, including aspects such as investment in cyber security measures, cyber security training, the volume of cyber security incidents and the costs associated with responding to these incidents.

Reference period: The 12-month calendar year

Collection period: January through March

Subjects

  • Business and government internet use
  • Crime and justice
  • Information and communications technology

Data sources and methodology

Target population

The target population was derived from Statistics Canada's Business Register (BR). The BR is an information database on the Canadian business population and serves as a frame for all Statistics Canada business surveys. It is a structured list of businesses engaged in the production of goods and services in Canada.

For the 2022 Public Sector Survey on Cyber Security and Cybercrime, the target population will consist of organizations from Schedule IV and V of the Financial Administration Act (FAA) and federal government units from the 2020 Public Sector Universe (PSU). The in-scope units from the PSU include federal government business enterprises but exclude the unit which represents the Government of Canada as a whole.

Instrument design

The survey data are collected using an electronic questionnaire.

In 2022, the questionnaire had minor revisions made in order to better meet the policy needs of the sponsoring partner Public Safety Canada, as well as to ensure the questionnaire content was relevant to the new target population. Subject matter experts, public sector organizations and external stakeholders were also consulted during the content development process.

Cognitive testing of the questionnaire content was carried in conjunction with the Questionnaire Design Resource Center based at Statistics Canada in both official languages. For the 2017 iteration, the entire questionnaire was tested through one-on-one interviews with potential respondents that took place in Ottawa, Toronto, Montreal and Vancouver. For the 2019, 2021 and 2022 iterations, the revised content was tested through one-on-one telephone interviews with potential respondents. The resulting comments and analysis of these interviews led to revisions of the questionnaire to make the questions more relevant to respondents and easier to answer.

Sampling

This survey is a census with a cross-sectional design.

The Public Sector Survey on Cyber Security and Cybercrime is designed to obtain complete and accurate data from all organizations from Schedule IV and V of the FAA and federal units from the PSU. No sampling is done.

Data sources

Data collection for this reference period: 2023-01-30 to 2023-03-31

Responding to this survey is voluntary.

Data are collected directly from survey respondents.

Data are collected through an electronic questionnaire. Organizations are initially contacted by telephone during a pre-contact phase to identify an appropriate contact within the enterprise to respond to the survey.

Follow-up because of non-response, inconsistent or missing data is done by phone on a priority basis.

View the Questionnaire(s) and reporting guide(s) .

Error detection

The metadata will be provided upon release.

Imputation

The metadata will be provided upon release.

Estimation

The metadata will be provided upon release.

Quality evaluation

The metadata will be provided upon release.

Disclosure control

Statistics Canada is prohibited by law from releasing any information it collects that could identify any person, business, or organization, unless consent has been given by the respondent or as permitted by the Statistics Act. Various confidentiality rules are applied to all data that are released or published to prevent the publication or disclosure of any information deemed confidential. If necessary, data are suppressed to prevent direct or residual disclosure of identifiable data.

Revisions and seasonal adjustment

This methodology does not apply to this statistical program.

Data accuracy

The metadata will be provided upon release.

Report a problem on this page

Is something not working? Is there information outdated? Can't find what you're looking for?

Please contact us and let us know how we can help you.

Privacy notice

Date modified: