Trust is hard-earned and easily lost; a lesson many Canadian organizations learned the hard way this year as cyber attacks impacted their businesses. Forty-four per cent of organizations reported experiencing a cyber attack in the last 12 months and more than a quarter of the 500 cybersecurity professionals surveyed, said that it had hurt their organization’s reputation (28 per cent) and cost them customers (26 per cent). The reports of reputational damage have quadrupled from six per cent in 2018.
In light of the financial and reputational impacts on their organizations, the latest edition of CIRA’s annual Cybersecurity Survey finds strong support (77 per cent of respondents) for government legislation like Bill C-26, An Act Respecting Cyber Security, to shape cybersecurity in Canada. Despite organizations claiming they typically pay $25,000 to $100,000 in ransomware, three-quarters (74 per cent) support legislation that would prohibit ransom payments.
The volume of incidents in 2024 has led more organizations to seek cybersecurity insurance. More than 8-in-10 (82 per cent) organizations have cybersecurity insurance coverage, up from 59 per cent in 2021. In response, leading providers have implemented more restrictive measures; most organizations with a policy indicate that their provider has changed their coverage. Changes include verification of current security measures (39 per cent), increased premiums (38 per cent), changed eligibility criteria for obtaining/renewing coverage (37 per cent) and reduced reimbursement amounts for ransomware attacks (30 per cent).
On the AI front, a staggering 70 per cent of organizations expressed worry about potential cyber threats stemming from AI technology. Of particular concern were data gathered by AI tools and the proliferation of improved phishing emails and texts. On a positive note, more than half of the organizations surveyed have integrated AI tools into their workflow and operations, recognizing the advantages that AI brings to cybersecurity.
The full findings are featured in this year’s survey report.
Key findings
- Cybersecurity in the news: just over 4-in-10 (43 per cent) respondents say their organization has made changes to its cybersecurity approach in response to news about major cyber attacks.
- Ransomware: over one quarter (28 per cent) of professionals report that they have been the victim of a successful ransomware attack in the last 12 months, up from 17 per cent in 2021. Of those, 79 per cent indicate that the organization paid ransom demands.
- Reputational damage: 28 per cent report damage to their organization’s reputation as an impact, compared to only six per cent in 2018 and 19 per cent in 2022.
- The AI threat: 7-in-10 (70 per cent) of respondents are worried about potential cyber threats from generative AI. Organizations are most concerned about data gathered by AI tools (61 per cent) and improved phishing emails and texts (56 per cent).
- The AI advantage: more than half (57 per cent) of cybersecurity professionals say their organization has integrated AI tools into its workflow and operations, up from 44 per cent in 2023.
- Who’s attacking whom: organizations are most likely to perceive profit-motivated cyber criminals as the biggest potential threat (60 per cent), followed by cyber criminals motivated by nationalist beliefs (33 per cent) and foreign state actors (32 per cent).
Additional resources
Like this:
Like Loading...
Related
This entry was posted on October 1, 2024 at 8:31 am and is filed under Commentary with tags CIRA. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
New CIRA Data Finds Cyber Crime Is Driving Customers Away From Impacted Canadian Businesses
Trust is hard-earned and easily lost; a lesson many Canadian organizations learned the hard way this year as cyber attacks impacted their businesses. Forty-four per cent of organizations reported experiencing a cyber attack in the last 12 months and more than a quarter of the 500 cybersecurity professionals surveyed, said that it had hurt their organization’s reputation (28 per cent) and cost them customers (26 per cent). The reports of reputational damage have quadrupled from six per cent in 2018.
In light of the financial and reputational impacts on their organizations, the latest edition of CIRA’s annual Cybersecurity Survey finds strong support (77 per cent of respondents) for government legislation like Bill C-26, An Act Respecting Cyber Security, to shape cybersecurity in Canada. Despite organizations claiming they typically pay $25,000 to $100,000 in ransomware, three-quarters (74 per cent) support legislation that would prohibit ransom payments.
The volume of incidents in 2024 has led more organizations to seek cybersecurity insurance. More than 8-in-10 (82 per cent) organizations have cybersecurity insurance coverage, up from 59 per cent in 2021. In response, leading providers have implemented more restrictive measures; most organizations with a policy indicate that their provider has changed their coverage. Changes include verification of current security measures (39 per cent), increased premiums (38 per cent), changed eligibility criteria for obtaining/renewing coverage (37 per cent) and reduced reimbursement amounts for ransomware attacks (30 per cent).
On the AI front, a staggering 70 per cent of organizations expressed worry about potential cyber threats stemming from AI technology. Of particular concern were data gathered by AI tools and the proliferation of improved phishing emails and texts. On a positive note, more than half of the organizations surveyed have integrated AI tools into their workflow and operations, recognizing the advantages that AI brings to cybersecurity.
The full findings are featured in this year’s survey report.
Key findings
Additional resources
Share this:
Like this:
Related
This entry was posted on October 1, 2024 at 8:31 am and is filed under Commentary with tags CIRA. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.