Cyber Attacks Up In Canada

Written by: Categories: Business Insurance, Business Tips, Cyber Liability, Risk Management, Schill Skinny

In the last year, an alarming majority of Canadian establishments reported falling victim to multiple cyber attacks, according to a recent report by Carbon Black. These breaches are not only incredibly costly to the organizations and encouraging to their perpetrators, but are in many cases preventable through basic diligence of cybersecurity maintenance.

The report found that a staggering 83% of surveyed organizations reported suffering a cybersecurity breach in the last year, with 22% reporting five or more breaches in that time. This high number of breaches per organization is further supported by 76% of Canadian organizations that reported an increase in cyber attacks in the last year. Furthermore, 25% of organizations reported that the number of attacks had increased by half since the previous year.

However, cyber attacks on Canadian businesses haven’t only grown in frequency, but have also grown in complexity, with 81% of surveyed organizations reporting that the attacks they had experienced in the last year were more complex than those of previous years.

Who is Affected

While no organization is completely immune to cyber attacks, the survey showed that 83% of larger organizations (over 5,000 employees) reported increased attacks, while only 65% of small businesses (under 250 employees) reported an increase in cyber attacks.

Understanding and Preparing for the Threat

The dark economy is currently valued at more than US$1 trillion. Of those surveyed, only 10% of respondents correctly identified that statistic, demonstrating the lack of understanding that can ultimately lead to exploitable exposures.

Of the different types of cyber attacks, malware is the most prolific, with 30% of surveyed respondents reporting that malware was the most commonly encountered attack. However, phishing was the cause of successful breaches at 20% of organizations, and “watering hole” tactics were reported to be the most effective and destructive of cyber attacks by 30% of respondents.

Outdated security technology and processes accounted for 20% of breaches, indicating that routine maintenance and updating of cybersecurity technology and policies could greatly benefit many organizations. In fact, 86% of respondents reported that threat-hunting strengthened their defence.

In response to the destructive nature and increasing prevalence of threats, 85% of surveyed organizations reported plans to increase their cyber defence budgets.

Cyber Security Tools for Your Business

If your organization falls victim to a cyber attack, your valuable digital assets could be compromised. There are several precautions you can take to limit the possibility for criminals to break into your organization’s systems and wreak havoc.

Firewalls—Firewalls are software that control the incoming and outgoing network traffic on a computer system and determines what should and should not be allowed through. Most computer operating systems now come with a pre-installed firewall for basic but reliable security, however, it may be beneficial to compare alternatives in order to find a firewall that fits your organization’s unique needs.

Routers—Routers are hardware that keep unwanted traffic out of a computer system. They differ from firewalls in that they are stand-alone devices that must be bought separately–they are not included in an operating system. Look for routers with advanced security protocols.

Antivirus programs—As their name implies, antivirus programs are designed to catch and eliminate or quarantine viruses before they can harm a computer system. Antivirus programs run in the background to ensure your computer is protected at all times. While they are updated frequently, they may not catch the newest viruses that are floating around.

Cloud—A cloud is a data centre available to many users that is hosted in a centralized, often off-site server that is accessible via an internet connection. Clouds are especially beneficial for cybersecurity simply because it is much easier to secure a single cloud structure than to secure hundreds of individual employee computers.

Penetration testing—In order to test how your organization would fare against a possible cyber attack in a safe environment, regularly perform penetration testing. Penetration testing consists of hiring cybersecurity professionals to attempt to perform cyber attacks on your organization for the purpose of identifying vulnerabilities in your cyber security and recommending solutions to prevent such attacks from being successful in the future.

Education—Every company, no matter its size, should educate employees on the dangers of computer intrusions and how to prevent them. For example, make sure your employees know not to open, click on or download anything inside emails from untrusted sources, and to disregard emails with subject lines and attachments that seem bogus or too good to be true. Employees with an intimate knowledge of the company’s computer network should also be alerted of the potential consequences of hacking into the system.

Review your risks and coverage options—A computer intrusion could cripple your company, costing you thousands or millions of dollars in lost sales and/or damages. Contact Schill Insurance Brokers Ltd today. We have the tools necessary to ensure you have the proper coverage to protect your company against losses from computer intrusions.

Be sure to contact us if you have any questions about cyber insurance.