As Cyber Security Month comes to a close, let’s examine some of the trends in the cybersecurity space in Canada. In early October, three hospitals in Ontario were hit with a Ryuk ransomware attack.
This is a pattern that has been observed in many parts of Canada and the United States. Large organizations and small organizations – from municipal governments and hospitals to dental clinics – have all been targets of cyberattacks.
What Story do the Numbers Tell?
The numbers depicting the rise of cyberattacks in Canada are staggering.
- According to a survey conducted by the Canadian Internet Registration Authority (CIRA), 71% of businesses were hit by a cyberattack in the last year.
- Of the organizations that faced a cyberattack, only 40% reported it to management, and only 48% reported it to customers.
- Even though 96% of organizations believed cybersecurity training to be effective, only 22% of them conducted monthly training.
These are critical #statistics that paint the picture of underprepared organizations when it comes to cybersecurity. According to a survey conducted by the CIRA, 24% of small to medium sized organizations (which make up 99.7% of all businesses in Canada) had no IT personnel whatsoever. When it comes to cybersecurity, 34% of those organizations had no one on their team responsible for it. And when you hear that 23% of respondents think that cybersecurity is not a risk worth employing resources over, you know there’s a serious lack of awareness.
Preparation is the Mother of Protection
With cybercriminals becoming more sophisticated and generating more attacks, organizations need to take a proactive approach towards cybersecurity and have a defined strategy to mitigate cyber risk (click here for our blog post on Cyber Risk Management). Having a cyber risk management framework can provide organizations with disaster support and peace of mind in both knowing that they can stay ahead of attackers, as well as the confidence to bounce back from the attack.