Cyberattacks are Fewer in Number but Smarter in Strategy, Says CDW Canada Study

Posted in Commentary with tags on April 8, 2025 by itnerd

CDW Canada, today released its annual Canadian Cybersecurity Study, Canadian Cybersecurity Trends: Bridging Strategy, Technology, Artificial Intelligence and Human Expertise, which explores the evolving state of cybersecurity among Canadian organizations. The study, sponsored by CDW Canada and conducted with additional support and analysis by IDC Canada, surveyed over 704 IT security, risk and compliance professionals.

The expanding threat landscape highlights a critical pattern in 2025. Cyberattacks continue to decrease in frequency, yet successful attacks have intensified and become increasingly disruptive. In the past 12 months, 87 percent of Canadian organizations have reported experiencing a security incident, coupled with a 10 percent year-over-year increase in the length of downtime per incident. This pattern indicates a need for Canadian organizations to prioritize proactive cybersecurity to avoid these detrimental disruptions to their business.

GenAI progress stalls amid gaps in security and governance frameworks

Over the past year, organizations have raced to explore the potential of Generative Artificial Intelligence (GenAI), but the excitement has exposed a critical paradox. While organizations recognize GenAI’s transformative potential, many are facing security and compliance barriers that have slowed full-scale adoption.

Canadian organizations are particularly grappling with the complex challenges of securely integrating and scaling GenAI into business operations. Between 2023 and 2024, businesses conducted an average of 17 GenAI proof-of-concepts (PoCs), yet fewer than a third (28 percent) successfully transitioned to full production as concerns over data privacy and compliance put projects on hold.

The majority cite common barriers to adoption, including data privacy concerns (64 percent), skills shortages (57 percent) and system integration complexities (44 percent).

The rush to integrate GenAI has highlighted gaps in Canadian organizations’ foundational frameworks. However, this provides a key opportunity for organizations to strategically assess their data governance and compliance capabilities at a moment when the full potential of GenAI is still in its infancy.

Organizations must invest in strengthening their overall security posture and capabilities to benefit from the transformative potential of GenAI.

Proactive security testing is the missing link for cloud environments

As Canadian organizations expand their digital ecosystems and increasingly rely on their hybrid cloud environments, cyberattackers are keeping pace, exploiting vulnerabilities in cloud environments at an alarming rate. What was once a secondary risk has emerged as a primary concern, with public cloud infrastructures facing more attacks than any other IT infrastructure component.

More than half (61 percent) of Canadian organizations report that their public cloud environments have been the most impacted by cyberattacks. However, organizations conducting annual security testing indicated fewer infiltrations (23 incidents) and breaches (33 incidents) on average compared to 25 and 29 incidents respectively for those without regular testing. This underscores the clear value of comprehensive cloud testing to proactively mitigate risks, freeing up more time and resources for core business operations.

Structural gaps drive the shift toward third-party services

Canadian organizations are prioritizing their security capabilities by investing in Managed Detection and Response (MDR) services, which provide proactive managed solutions to enhance detection and incident response driven by a strategic shift to address internal resource gaps, improve threat detection and response speeds to increase cyber resilience.

Nearly half (41 percent) of Canadian organizations have already adopted MDR services, with more than a third (37 percent) planning to do so in the near future. As organizations continue to struggle with the impacts of breaches, MDR services are a key enabler in reducing vulnerabilities and minimizing operational disruptions.

To learn more about the state of cybersecurity for Canadian organizations, download the study here.

Leave a comment »

Canadian Marketing Association Leads the Way in AI Adoption With Comprehensive Resources for Marketers

Posted in Commentary with tags on April 8, 2025 by itnerd

The Canadian Marketing Association (CMA) today announced the release of three innovative resources designed to position Canadian marketers at the forefront of AI adoption and implementation. These materials underscore the CMA’s commitment to futureproofing the marketing profession in the rapidly evolving landscape of artificial intelligence (AI).

The “Guide on AI for Marketers,” and “Setting the Stage on Artificial Intelligence: A Primer for Marketers,” were reviewed by the globally renowned Vector Institute, based in Toronto, that empowers researchers, businesses and governments to develop and adopt AI responsibly.

At CMAai, a virtual event taking place on April 10, the CMA will speak to these important resources and unveil key findings from its “Generative AI Readiness Survey,” powered by Twenty44.

The state of AI in marketing

The CMA’s “Generative AI Readiness Survey,” powered by Twenty44 and conducted in October 2024 with 126 CMA members, reveals critical insights into the current state of AI adoption among Canadian marketers:

  • AI usage is on the rise, with 74 per cent of CMA members using generative AI tools at least weekly at work, surpassing the average for Canadian knowledge workers (62 per cent).
  • 84 per cent of members feel positively about integrating AI tools into their daily work tasks.
  • 68 per cent believe AI will make society somewhat or much better, while 83 per cent say it will improve their personal lives.

However, the research also highlights areas for improvement:

  • 44 per cent of members are either unsure if their company has an AI policy or find it lacking.
  • 56 per cent report receiving either no training on AI or ineffective training.
  • 80 per cent report using free or paid personal AI accounts at work.

Strengthening AI knowledge, policies, and security

The CMA’s new resources address the gaps affecting adoption, providing clear guidance on ethical AI usage, practical implementation strategies and best practices for upskilling marketing teams.

The “Guide on AI for Marketers,” provides in-depth insights on key considerations such as:

  • Using personal information in algorithms,
  • AI-driven content creation,
  • Consumer-facing AI applications,
  • Implementing AI influencers, and
  • Best practices for responsible AI use in marketing.

The guide is supported by the “CMA Accountability Checklists for AI in Marketing.” These checklists address a critical challenge in AI governance: the need for clear, role-specific guidance in a landscape where responsibilities often overlap or remain unclear. Our structured framework clearly delineates who is responsible for what in the AI marketing ecosystem. This approach ensures that all participants in the marketing value chain understand their specific obligations and can implement appropriate governance measures.

The resource, “Setting the Stage on Artificial Intelligence: A Primer for Marketers,” offers a comprehensive overview of AI’s impact on marketing, current adoption rates in Canada and global regulatory initiatives. It sets the foundation for marketers to understand and navigate the AI landscape confidently.

These resources affirm the CMA’s position as a leader in supporting the Canadian marketing industry’s growth and adaptation to emerging technologies.

For more information about the CMA’s AI resources, visit https://thecma.ca/resources/compliance-best-practices-guides.

About the survey

The survey methodology was developed by Twenty44 and is powered by Nexxt Intelligence’s AI-driven inca platform. It included a blend of qualitative and quantitative questions and was open between October 2 and October 28, 2024. A total of 126 CMA members participated in the survey.

Leave a comment »

Today Is Identity Management Day

Posted in Commentary on April 8, 2025 by itnerd

Established in 2021 in partnership with the National Cybersecurity Alliance, Identity Management Day, held on the second Tuesday of April, is a day of awareness to educate business leaders, IT decision makers, and the general public about the importance of identity management.

Wade Ellery, Field CTO, Radiant Logic had this to say about this important day:

     “Today, Identity is the currency in a digital world.  Every digital transaction between customer and a company, between an employee and an application between a bot and a server is grounded in the identity profile and identity data used to authorize those actions. Digital transformation requires the cleanup of a lot of legacy data that did not need to be in digital form.  The anchor for this data is the user identity and it is the place to start when starting to transform any business or operation. The shift of outside attacks from the historic parameter to the vulnerable identities has elevated the criticality of securing identity data both for human and non-human accounts. A new focus on defending identity data and access has reshaped the industry.  Every organization we work with is somewhere on the journey to strengthening their cybersecurity strategy. Where they are today depends on decades of past decisions, IT debt, Identity Data Quality, and recent investments. Regardless of where each company is starting, there are actions they can take today that will incrementally move them down the Identity-First Security road.  These actions will have both immediate benefits and pave the road for future improvements. What most excites me is that as an industry we have stopped telling our customers that identity security or any fundamental security process is a single product or a single project.  By acknowledging the overwhelming scope of the challenge we face in bringing security to the enterprise we can finally start to build solutions that will succeed.  The transition towards a more secure environment is a journey.  This journey will have many parts.  It may look different at the detail level for each organization. But at a higher level it is an incremental progression towards a stronger and more integrated and informed security posture.  At the core of this journey is the clean up, modernization, standardization, and security of identity and identity access.  As the Identity Security market starts to acknowledge the better together concepts of building a complete platform that will continue to involve and improve solutions that can actually finally address the challenge for our customers are possible.”

You can find out more about Identity Management Day here.

Leave a comment »

Buying Canadian and how advertisers can rise about the fray

Posted in Commentary with tags on April 8, 2025 by itnerd

Since the United States announced 25 per cent tariffs on most Canadian goods, many businesses are pivoting due to consumer pressure, to identify and highlight products made in Canada. According to a recent Leger survey in February 2025, almost 81 per cent of Canadians have significantly increased their spending on Canadian – made products.  

Savvy marketers know to capitalize on movements and through the value of F.A.S.T. (Free Ad Supported Technology) and Roku Canada, brands can optimize their ad dollars without duplication via the power of their home screen. By leveraging Roku’s integrated network, Canadian streamers who were previously “unreachable” can be targeted directly. 

Here’s what Ivan Pehar, Ad Sales Director Roku Canada had to say about that:

Advertisers are already feeling the impact of mounting tariffs with buyer hesitancy and slashed budgets. Marketers need to consider how to maximize their budget to reach their exact audiences through a personalized touch. Roku offers two solutions; directly through the F.A.S.T (Free ad-supported streaming television) network. When clients are paying our partners for ad-free services, you can still reach streamers through Roku’s homescreen. We’ve seen advertisers even leverage a spot in Roku-City to make sure their brand is top of mind.

With 81 per cent of Canadians are looking to spend on Canadian-made products, another effective tool is our use of ACR (automatic content recognition) which allows for a holistic and precise understanding of audience behavior. ACR enables sophisticated targeting, as well as effective retargeting strategies, for precision and optimization at scale. In a time of economic uncertainty, advertisers need to work smarter to reach their targets because every dime counts.”

Now I own a Roku TV and my wife and I have started to see ads from Canadian brands that my wife and I have not heard of before. And some of them we’ll be looking into more. That alone shows that there’s value to this effort by Roku.

Leave a comment »

WK Kellogg Data Breach Linked to Clop

Posted in Commentary with tags on April 7, 2025 by itnerd

WK Kellogg Co, a US-based food manufacturing company, has reported that company data was stolen during the 2024 data theft attacks against Cleo, a managed file transfer utility targeted by the Clop ransomware gang in late 2024.

Erich Kron, security awareness advocate at KnowBe4, commented:

“Zero day flaws, such as those that have been exploited by the Clop ransomware group, are extremely difficult to defend against. Because these stolen files are HR-related employee files, the information within them is liable to be very sensitive and could easily lead to identity theft for those affected.

“Victims of the data breach should ensure that they have locked their credit to avoid illicit accounts being opened in their names, and should be on the lookout for potential signs of identity theft.”

Another day. Another supply chain attack. That’s not good. Seeing as you’re only as secure as the companies you work with, it’s time to ask those companies some really hard questions to ensure that your company is as safe as possible.

Leave a comment »

Interlock claims responsibility for shutdown of Andretti Games

Posted in Commentary with tags on April 7, 2025 by itnerd

Ransomware gang Interlock today claimed responsibility for a March 2025 cyber-attack against Andretti Indoor Karting & Games, a chain of family entertainment businesses with locations across the southern USA. Andretti temporarily closed all its locations on March 16 due to technical issues.

In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote: 

“Interlock is a new ransomware gang that first started adding targets to its leak site in October 2024. The group extorts targets both to unlock infected computer systems and to not sell or release stolen data.”

“Interlock has claimed 12 confirmed ransomware attacks since it began, plus 13 unconfirmed claims that haven’t been acknowledged by targeted organizations. Those include recent attacks on National Defense Corporation, the Cherokee County School District, and the Siegel Group. Ransomware attacks can both lock down computer systems and steal data, forcing targeted organizations to either pay a ransom or face extended downtime, data loss, and pu

Just because this gang is new, doesn’t mean that they aren’t a problem. Clearly they are one of these gangs that are going to be a problem in the future. They are going to be worth watching in the future.

Leave a comment »

E-ZPass toll payment texts return in massive phishing wave 

Posted in Commentary with tags on April 7, 2025 by itnerd

 An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. This scam is not new, with the FBI warning about it in April 2024, and Highway 407 warning about it it March

Commenting on this is James McQuiggan, Security Awareness Advocate at KnowBe4:

“Mobile phishing campaigns are becoming more common, as cybercriminals are impersonating companies like E-ZPass in a very believable way by telling people that they have unpaid tolls. Cybercriminals prey on a person’s heightened emotions to encourage behaviors that can be harmful if acted upon. Whenever a text message seems urgent and arrives unexpectedly, it is important to always remember to verify the validity of the message before taking any requested action. Instead of clicking on the link provided in the text message, instead go to the known valid website of the sender first and double check that the information provided is accurate. Always stop and think before acting, especially if the message seems urgent.”

My advice is if you get one of these texts, don’t click on anything. Then stop, take a pause, and think about it. Keep in mind that it is highly unlikely that you will receive a text like this without you being identified by name. Furthermore, it is also highly unlikely that any organization will reach out to you in this manner. If you do that, it is highly unlikely that you will be victimized.

Leave a comment »

Challengermode Becomes Official Tournament Platform for Brawlhalla in New Partnership with Blue Mammoth Games

Posted in Commentary with tags on April 7, 2025 by itnerd

Challengermode, the leading global esports and competitive gaming platform, today announced a strategic partnership with Blue Mammoth Games, developer of the popular fighting game, Brawlhalla. Under this new collaboration, Challengermode becomes the official esports and community platform for Brawlhalla, supporting its thriving competitive scene and diverse player community.

The first Brawlhalla community events powered by Challengermode will take place in mid-April 2025, leading to support for official championship competitions starting in May. Leveraging Challengermode’s automation and scalability, Brawlhalla events will benefit from robust features that streamline tournament management and participation to accommodate both community growth and large-scale, international competitions.

To meet the demands of high-level competitive play inherent to fighting games, Challengermode is significantly expanding its platform features, enhancing organizer tools, tournament capabilities, and overall user experience for both players and organizers.

All Brawlhalla tournament organizers, creators, and players can experience the enhanced capabilities of Challengermode here: challengermode.com/s/Brawlhalla

Leave a comment »

Kids’ iOS tracker Apps could be exposing their location to stalkers 

Posted in Commentary with tags on April 7, 2025 by itnerd

Cybernews has uncovered a terrifying security flaw in a popular iOS tracker app used by over 320,000 people to monitor their kids’ locations

The app’s misconfigured Firebase database has exposed real-time GPS data, phone numbers, and other sensitive details, putting users at risk of stalking and worse.

As more parents rely on tracking apps to keep their children safe, this flaw is a major security threat with wide-reaching implications. 

Please find the full Cybernews report here.

Leave a comment »

BUCK Supercharges Creativity with Hammerspace Performance

Posted in Commentary with tags on April 7, 2025 by itnerd

Hammerspace, the high-performance data company, today announced that Los Angeles-based creative studio BUCK has selected the Hammerspace high-performance Data Platform to accelerate time-to-deploy new infrastructure and span geographic office locations without disrupting its creative team’s productivity. At the NAB show in booth #SL14416, Hammerspace will be demonstrating how it helps BUCK and other creative and design firms, game development companies, and television and film studios to provide high-performance content for post-production, visual effects, active archive and AI-readiness.

With a global team of more than 800 artists across offices in Los Angeles, New York, Amsterdam, London and Sydney, BUCK serves global brands such as Airbnb, Microsoft, Amazon, GitHub, Rivian, FedEx and Apple. Its services include 2D and 3D modeling for multimedia, creating immersive in-person experiences, branding, character design and more.

BUCK was challenged with managing large volumes of content that needed to be ingested, processed and modified through collaborative workflows with demanding performance requirements. Further, disparate NAS storage silos across geographically dispersed offices made it difficult for artists to share data, slowing down projects.

BUCK’s Chief Technology Officer John Kleber learned of Hammerspace through GPL Technologies, which designs IT solutions and data infrastructures to meet the unique needs of post-production facilities.

Hammerspace is now deployed at four of BUCK’s offices, creating a single global namespace that spans offices in Los Angeles, New York, Amsterdam, and Sydney. Artists and data users across all locations are able to collaborate on the same files in a live file system, eliminating the problem of wrangling file copies between sites. BUCK utilizes Hammerspace software for all “heavy lift” workloads, including editing, rendering, and more, acting as high-performance shared storage that spans sites and different storage tiers. This also has the benefit of enabling BUCK to leverage artists in different regions to collaborate on the same project, which was previously not possible.

Hammerspace’s software provides high-performance data access using NFS, SMB, and S3 protocols. All protocols access the same underlying file system with a uniform security policy across all protocols. And because Hammerspace does not require a proprietary file system client, user and application integration is simple and does not require workflow changes.

Leave a comment »

« Older Entries
Newer Entries »