Over Half of Canadian Organizations Feel Somewhat Exposed to Cyber Risks such as Phishing, Ransomware and IoT Attacks: Trend Micro

New research from global cybersecurity firm Trend Micro has revealed that 58 per cent of Canadian organizations feel they currently have a moderate risk exposure. However, over half (53 per cent) feel their organization is exposed to cyber risk threats such as phishing (59 per cent), ransomware attacks (55 per cent), supply chain (55 per cent) and IoT attacks (52 per cent).  Respondents also indicated that overly complex tech stacks and lack of awareness from leadership are exacerbating issues.

On average, Canadian organizations estimated having 57 per cent visibility of their overall attack surface, and more than a quarter of respondents still approach their attack surface by mapping their systems manually (27 per cent). This may explain why only around 37 per cent are able to fully and accurately detail any one of the following based on risk assessments:

  • Risk levels for individual assets
  • Attack attempt frequency
  • Attack attempt trends
  • Impact of a breach on any particular area
  • Industry benchmarks
  • Preventative action plans for specific vulnerabilities

About 43 per cent of the IT and business decision makers Trend Micro interviewed say that keeping up-to-date with the ever-evolving attack surface is the main area they struggle with. In addition, nearly half (44 per cent) consider phishing or email attacks as the primary way of a cyber-attack starting against their organization.

The inability of organizations to accurately assess attack surface risk also keeps business leaders in the dark. According to Trend Micro’s insights, 11 per cent of Canadian organizations do not have a well-defined way to assess the risk exposure of its digital attack surface, and 69 per cent of respondents think the C-Suite should play a more active role in promoting good cybersecurity practices. 

A quarter (24 per cent) of those surveyed believe that increasing cybersecurity training or education would have the greatest impact in enabling leadership to better understand cyber risk.

There’s a clear opportunity here for organizations to leverage third-party expertise.

Only one-third (36 per cent) of Canadian respondents are already invested in a platform-based approach to attack surface management, while nearly half (47 per cent) of respondents say they’d like to do the same. Of those who’ve already made the move, improved visibility (42 per cent), reduced costs (40 per cent) and faster breach detection (35 per cent) are the most cited advantages.

Among those not planning to switch to a platform model, 37 per cent Canadian organizations consider time to move as the biggest disadvantage to using a platform model. 

Trend Micro commissioned Sapio Research to interview 6297 IT and business decision makers across 29 countries to compile the study.

For more information on Trend Micro’s global risk research, click here: https://www.trendmicro.com/explore/trend_global_risk_research_2

Leave a Reply