Whether hackers took personal information from your corporate server, an insider stole customer information, or information was inadvertently exposed on your company’s website, you are probably wondering what to do next. You just learned that your business experienced a data breach. About the FTC Show/hide About the FTC menu items.
News and Events Show/hide News and Events menu items.Advice and Guidance Show/hide Advice and Guidance menu items.Competition and Consumer Protection Guidance Documents.Enforcement Show/hide Enforcement menu items.It factored in costs to companies ranging from legal, regulatory and technical responses in the event of a cyberattack to loss of brand equity, customers, and employee productivity. The IBM survey analyzed real-world data breaches experienced by 500 organizations worldwide (26 in Canada) between May 2020 and March 2021. “Ransomware is exploding as a major international security problem.
“When I look back at the last year, the most serious development that I see is around the increasingly serious ransomware attacks, in particular around critical infrastructure,” Finlay said. Ransomware attacks are also growing increasingly common, said Finlay, pointing to high-profile incidents so far in 2021 like the Russian-linked cyberattacks on Colonial Pipeline and JBS Foods. It found compromised user credentials (such as stolen passwords) were the most common method used as an entry point by attackers, representing 20 per cent of breaches studied. The survey found nearly half (44 per cent) of the breaches analyzed exposed customer personal data, such as names, emails, passwords, or even healthcare data. “So COVID-19 has provided a lot of opportunity, unfortunately, for malicious attackers and cybersecurity. “We know that fake websites have been set up purporting to provide information on COVID-19,” Finlay said. He added that a crisis like the global pandemic can also be easily exploited by cybercriminals - for example, through a phishing email that poses as official health advice. “Employees are working from home using insecure Internet networks and computers, and the kind of security measures that would be imposed in a corporate environment in a workplace just are not always present,” Finlay said. “We're now living in a perimeter-less environment … and trying to defend a multiplicity of inputs becomes very difficult.”Ĭharles Finlay, executive director of the Rogers Cybersecure Catalyst at Ryerson University, said the sheer volume of varying devices and network connections used by remote workers during the pandemic posed a cybersecurity threat. “There was certainly a strong link to remote work,” Boisvert said. For example, companies surveyed reported a mean time of 164 days to identify they had a breach and 60 days to contain it, one week longer than the prior year's report.Īccording to the study, data breaches cost $1 million more on average when remote work was indicated as a factor in the event. “This to me is a wake-up call,” Boisvert said, adding companies reported data breaches last year that were not only costly, but also hard to contain. The study suggests cybersecurity efforts may have lagged behind as companies were forced to rapidly adapt to remote work during the pandemic, said IBM Security associate partner Ray Boisvert. It's also higher than the 2021 global average of US$4.24 million ($5.34 million), which in itself is a 10 per cent increase from the prior year and the highest global average in the survey's 17-year history.
That's up from $6.35 million the year before and the highest since IBM first included Canada in its survey seven years ago. The average cost of a data breach in Canada hit a record high last year as companies grappled with new cybersecurity risks during the COVID-19 pandemic.Īccording to a new report from IBM Security, the average cost of a data breach in Canada was $6.75 million per incident in the 2021 survey year.
0 kommentar(er)
