According to a new analysis, increased business awareness and a number of high-profile instances haven't significantly lessened the financial impact of cybercrime in Canada.
According to an IBM analysis of 26 affected organisations, the average cost of a cybersecurity breach to businesses in Canada will be $6.94 million by 2023. This is somewhat less than the $7.05 million cost incurred in 2018, but it is still the second-highest yearly cost in the study's nine-year history.
The survey also reveals that organisations who are victims of cyberattacks spend a significant amount of time repairing the damage in addition to the technical, legal, and public relations costs incurred by businesses in the wake of an incident.
IBM estimates that it takes businesses 215 days on average to discover and contain a data breach. That implies that many organisations deal with the aftermath from a successful cyberattack for a significant portion of a year.
The IBM study is released in the wake of several newsworthy events in Canada. In the past year, companies like Toronto's Hospital for Sick Children, oil and gas giant Suncor Energy Inc., and book retailer Indigo have all openly acknowledged that they had been victims of cybercrime.
The IBM report claims that organisations and sectors that have little to no tolerance for downtime and that are most likely to pay a ransom promptly in order to get their systems back up and running as soon as possible are the ones that cybercriminals, and ransomware attackers in particular, are most likely to target.
The top two industries targeted by cybercrime, according to the research, are financial services and energy corporations. The financial industry pays out an average of $12 million in damages for each cyberattack, while the energy industry pays out $9.37 million.
Public awareness of the cybersecurity threat has increased as a result of high-profile news events, such the 2021 ransomware attack against Colonial Pipeline in the U.S., which resulted in a temporary stoppage of pipeline operations.
Sicard added that there are probably a lot more corporate victims that we are unaware of.
According to the IBM survey, rather than spending more money on cybersecurity, more than half of organisations that have been compromised choose to pass the expenses of a cybersecurity incident on to their customers by raising prices.
But even shrewd businesses that spend money on encryption, artificial intelligence, and other methods to safeguard private customer and corporate information are not materially pushing the needle in the direction Sicard would want to see. He noted that since IBM started its analysis in 2015, the average cost of a data breach to Canadian businesses has climbed by more than $1.5 million.
According to Sicard, the sophistication of hackers is one factor contributing to the financial consequences of cybercrime's growth.
As businesses shift more and more sensitive data to the cloud, there are also more access points for attackers than ever before, and the trend towards remote work raises the possibility of a breach via a particular employee's mobile device.
The likelihood of state-sponsored hackers trying to infiltrate vital infrastructure for the goal of sabotage or espionage has also increased as a result of the war in Ukraine and the associated geopolitical tensions.
The majority of large organisations, he continued, should "come to terms" with the possibility that they could someday fall victim to cybercrime. However, he added, spending money on initiatives like personnel training and threat detection can lower those chances.
sources:
https://www.cp24.com/news/financial-burden-of-cybercrime-remains-high-even-as-awareness-grows-1.6491452#:~:text=The%20average%20cost%20to%20companies,the%20study's%20nine%2Dyear%20history.
https://globalnews.ca/news/9851714/cybercrime-canadian-companies-cost/