The IT Nerd

Today, CDW Canada released data from its annual Canadian Cybersecurity Study, Navigating Ransomware, Modern Architectures and the Maturity Paradox. 

Key findings from the study include: 

• Canadian companies are being targeted by cyberattacks at a rate not seen before. Enterprise organizations saw an 80 percent increase in cyberattacks in 2025 due to the use of AI in cyberattacks and the larger financial reward potential.
• Enterprise cloud infection rates hit a record high in 2026, jumping from 41 percent to 53 percent year over year, the highest level recorded since CDW Canada started this study.
• Most organizations assume their cloud environments are secure. The study suggests that assumption is creating one of the biggest vulnerabilities in Canadian cybersecurity right now.
• Security spending reached a five-year high, with 20% of IT budgets now dedicated to security; however, the gaps in foundational weaknesses in people and processes create the “security maturity paradox,” making organizations appear advanced but leaving them open to attacks.
• AI is creating new security pressures on two fronts. Attackers are using it to be more effective. And organizations adopting AI internally need to make sure they are doing so in a way that does not create new vulnerabilities.
• The ripple effects go beyond the organization itself. When a major company is hit, the impact is felt by employees, customers and the communities that depend on those services.

There are many more findings in the press release linked here. The full report can be accessed here.

Today, CDW Canada released Unlocking AI’s Potential: How to Build Trust and Capability in the Canadian Workplace, a report revealing that AI adoption in Canadian workplaces has reached a tipping point. Half of employees now report using AI tools for work, up from 33% in 2024, yet most organizations still lack the formal policies and training needed to ensure safe and effective use.

AI is reshaping Canadian workplaces, with significant implications for productivity, employee confidence, and competitiveness. But without stronger training and governance, organizations and workers could face risks such as data security gaps and inconsistent access to AI’s benefits.

Key findings from the report include:

• Support drives confidence: Employees with access to AI training or policies feel more confident using AI (75% vs. 41%)
• Limited support systems: Just 39% of employees with work-approved AI say their organization has AI-use policies, and only 20% report access to formal training
• Persistent concerns: Employees remain worried about job loss (44%), overdependence on AI (60%), and data security (36%)

You can read the report here: https://www.cdw.ca/content/cdwca/en/reports/modern-workspace-report.html?utm_campaign=21657744-FY25%E2%80%A6

CDW Canada, today released its annual Canadian Cybersecurity Study, Canadian Cybersecurity Trends: Bridging Strategy, Technology, Artificial Intelligence and Human Expertise, which explores the evolving state of cybersecurity among Canadian organizations. The study, sponsored by CDW Canada and conducted with additional support and analysis by IDC Canada, surveyed over 704 IT security, risk and compliance professionals.

The expanding threat landscape highlights a critical pattern in 2025. Cyberattacks continue to decrease in frequency, yet successful attacks have intensified and become increasingly disruptive. In the past 12 months, 87 percent of Canadian organizations have reported experiencing a security incident, coupled with a 10 percent year-over-year increase in the length of downtime per incident. This pattern indicates a need for Canadian organizations to prioritize proactive cybersecurity to avoid these detrimental disruptions to their business.

GenAI progress stalls amid gaps in security and governance frameworks

Over the past year, organizations have raced to explore the potential of Generative Artificial Intelligence (GenAI), but the excitement has exposed a critical paradox. While organizations recognize GenAI’s transformative potential, many are facing security and compliance barriers that have slowed full-scale adoption.

Canadian organizations are particularly grappling with the complex challenges of securely integrating and scaling GenAI into business operations. Between 2023 and 2024, businesses conducted an average of 17 GenAI proof-of-concepts (PoCs), yet fewer than a third (28 percent) successfully transitioned to full production as concerns over data privacy and compliance put projects on hold.

The majority cite common barriers to adoption, including data privacy concerns (64 percent), skills shortages (57 percent) and system integration complexities (44 percent).

The rush to integrate GenAI has highlighted gaps in Canadian organizations’ foundational frameworks. However, this provides a key opportunity for organizations to strategically assess their data governance and compliance capabilities at a moment when the full potential of GenAI is still in its infancy.

Organizations must invest in strengthening their overall security posture and capabilities to benefit from the transformative potential of GenAI.

Proactive security testing is the missing link for cloud environments

As Canadian organizations expand their digital ecosystems and increasingly rely on their hybrid cloud environments, cyberattackers are keeping pace, exploiting vulnerabilities in cloud environments at an alarming rate. What was once a secondary risk has emerged as a primary concern, with public cloud infrastructures facing more attacks than any other IT infrastructure component.

More than half (61 percent) of Canadian organizations report that their public cloud environments have been the most impacted by cyberattacks. However, organizations conducting annual security testing indicated fewer infiltrations (23 incidents) and breaches (33 incidents) on average compared to 25 and 29 incidents respectively for those without regular testing. This underscores the clear value of comprehensive cloud testing to proactively mitigate risks, freeing up more time and resources for core business operations.

Structural gaps drive the shift toward third-party services

Canadian organizations are prioritizing their security capabilities by investing in Managed Detection and Response (MDR) services, which provide proactive managed solutions to enhance detection and incident response driven by a strategic shift to address internal resource gaps, improve threat detection and response speeds to increase cyber resilience.

Nearly half (41 percent) of Canadian organizations have already adopted MDR services, with more than a third (37 percent) planning to do so in the near future. As organizations continue to struggle with the impacts of breaches, MDR services are a key enabler in reducing vulnerabilities and minimizing operational disruptions.

To learn more about the state of cybersecurity for Canadian organizations, download the study here.

Today, CDW Canada, a leading provider of technology solutions and services for Canadian organizations, released new research exploring how Generative Artificial Intelligence (GenAI) is reshaping Canadian workplaces. Uncharted Innovation: The Rise of Unofficial AI Tool Usage Among Canadian Office Workers report contains research conducted among members of the Angus Reid Forum, including 1,000 office workers across businesses of varying sizes and industries throughout Canada.

Employee driven adoption is outpacing organization policies

As artificial intelligence (AI) tools become even more accessible, employees are increasingly leveraging GenAI to enhance productivity and explore new workflows. However, much of this adoption occurs informally without approval or guidance from their organizations, as nearly half (47 percent) of Canadian employees admitted to using unregulated AI tools. Additionally, over a third (33 percent) of these unregulated users engage with AI tools weekly, signaling a strong demand for accessible organization-approved AI solutions.

The survey found employees feel more confident using AI when their organization takes the lead. Many (61 percent) Canadian employees report feeling comfortable with workplace AI tools when they are officially implemented by their employer, compared to only 43 percent in workplaces without approved AI tools. Additionally, 54 percent of employees without access to AI tools indicated an interest in using them if implemented first by their organization.

As demand and unregulated use continue to surge, organizations will need to adapt to remain competitive and retain Millennial and Gen Z talent, as over half (61 percent) of younger employees aged 18 to 34 are adopting AI tools, significantly above the national average of 45 percent. This presents an opportunity for employers to shape the use of AI within their organization, ensuring security while meeting the rising demand for innovative solutions.

Unregulated use high amongst mid-level and senior-level employees

As Canadian employees increasingly rely on GenAI tools for tasks involving sensitive data, many organizations are left vulnerable due to the absence of guidance and policies. The survey found that mid and senior-level employees are the biggest users of unapproved GenAI tools. Over a third of mid-level (38 percent) and senior-level (37 percent) employees report using these tools without workplace approval. Without secure platforms and clear guidelines, organizations face risks to data security and reputation that they may not be aware of.

GenAI governance increases pressure on IT teams

Organizations are constantly contending with everchanging technology and the unknowns as AI applications evolve. Internal IT teams are bearing the burden of AI adoption, often without the resources or expertise needed to manage its unique challenges.

The report found that while 36 percent of organizations are planning to implement AI tools, nearly three-quarters (73 percent) have yet to enlist third-party support.

To learn more about the opportunities and challenges Generative AI presents to organizations, download the report here.

 CDW Canada has released the 2024 CDW Canadian Hybrid Cloud Report which explores the current state of cloud and artificial intelligence (AI) adoption among Canadian organizations. Conducted with additional support and analysis by IDC Canada, the report independently surveyed over 700 Canadian organizations between March 2024 and April 2024.

Organizations are increasingly adopting hybrid, multicloud ecosystems for security and control. However, challenges like complex infrastructure, data management and shortage of skilled workers present opportunities for organizations to realize the full potential of these ecosystems.

The report found that while 59 percent of Canadian organizations plan to leverage multiple public clouds over the next two years, 34 percent report little to no interoperability between these environments, leading to data silos and inconsistencies in governance. Additionally, 35 percent of organizations said scarce IT staff, talent and skills are major operational challenges for adopting hybrid, multicloud environments. Addressing these challenges is vital for organizations looking to achieve true cloud maturity in a rapidly evolving landscape.

Unified management platforms are essential

As organizations navigate the complexities of hybrid, multicloud environments, the adoption of a unified management control plane and cloud management platform has become critical. These tools enable organizations to effectively manage, monitor and control their infrastructure across public and private clouds, reducing costs and enhancing security.

Despite the advantages, only 36 percent of Canadian organizations currently use a unified cloud management platform, while the remaining 64 percent rely on a mix of native cloud tools, open-source solutions and custom-built systems. This fragmented approach often leads to increased complexity and operational challenges. Organizations must look to unified management platforms to maintain operational resilience in these complex environments.

The rise of AI in hybrid cloud strategies

The democratization of artificial intelligence, particularly generative AI (GenAI), is reshaping how Canadian organizations compete by driving productivity gains, cost optimization and innovation. Although 55 percent of organizations are investing in AI, significant challenges remain, particularly around privacy, scalability and data governance. Concerningly, only three percent of Canadian organizations report having fully prepared data infrastructure to handle these AI challenges, including integrating privacy, traceability and security to support governance and compliance.

Cybersecurity remains a concern in IoT investments

The proliferation of Internet of Things (IoT) devices has expanded the threat landscape as new and vulnerable entry points via these devices continue to increase. It is essential for organizations to strengthen their security measures and resiliency at the edge, considering 81 percent of Canadian organizations have IoT projects in production.

Cybersecurity remains a critical issue, with 46 percent of businesses reporting rising cyberthreats as a major concern in their IoT deployments. Fortunately, 32 percent of organizations said improving edge infrastructure security and resiliency was the most important investment needed to ensure IoT and edge infrastructure. This highlights that some organizations recognize the importance of cybersecurity at the edge to maximize the flexibility and scalability of IoT within their hybrid, multicloud approach.

To learn more about the opportunities and challenges of hybrid, multicloud adoption for Canadian organizations, download the report here.

Today, CDW Canada launched its annual Canadian Cybersecurity Study, Cybersecurity in Focus 2024: Trends, Threats and Strategies, which revealed that declining IT budgets coupled with a rise in cyberattackers leveraging AI increasing successful cyberattacks, putting Canadian organizations at increased risk. This year’s findings show a sharp 50 percent reduction in IT budgets since 2023, yet successful cyber incidents have surged by 26 per cent, highlighting a critical vulnerability gap.

The report delves into how these budget cuts are leading to “breach fatigue” among IT security teams. With fewer resources, teams are overextended, which not only reduces their effectiveness in managing threats but also impacts their ability to respond to incidents promptly and effectively. This scenario is creating an environment where organizations are more susceptible to cyberattacks.

To learn more about the state of cybersecurity for Canadian organizations, download the study here.

CDW Canada today released new research about the attitudes, concerns and adoption patterns of artificial intelligence (AI) technology in Canada. The Evolution of AI Adoption in Canadian Businesses: Perceptions and Trends contains research conducted among members of the Angus Reid Forum, including over 300 IT decision-makers across businesses of varying sizes and industries throughout Canada.

Organizations recognize the benefits of AI adoption

As Canadian organizations navigate the rapidly advancing AI landscape, a sense of cautious optimism persists. Three-in-five organizations (61 percent) are open to using AI and over half (58 percent) believe that incorporating AI enhances productivity and efficiency. Despite this openness, only half (51 percent) feel comfortable about its current use.

The most common benefits Canadian organizations expect following investment in AI include increased productivity and efficiency (58 percent), increased data/information availability (48 percent) and financial benefits or cost reductions (42 percent).

Understanding Al creates challenges for integration

Lack of knowledge and education are the primary obstacles Canadian organizations face when embracing AI and data analytics tools, despite the recognized benefits.

While half (52 percent) of IT decision-makers whose organizations have implemented AI for specific tools consider the process easy, only one-in-five (21 percent) IT decision-makers feel confident in their organization’s ability to implement them effectively. This highlights a significant gap in education and governance between those responsible for overseeing AI integration, the organizations they work for and assumptions about the complexity of AI tools.

Organizations are just scratching the surface of AI tools

Most organizations are only scratching the surface in exploring the capabilities of data analytics and AI tools.

The most widely used AI tools are natural language processing (NLP) tools. While useful, NLPs are not representative of AI’s full scope and capabilities. One-in-five organizations use machine learning and deep learning platforms (20 percent) and automation and optimization tools (19 percent) compared to half (50 percent) that use NLP and interaction tools. For Canadian organizations to remain competitive there needs to be greater education on AI’s full potential.

Public and private sectors have differing paths to AI adoption

The landscape of AI adoption varies between the public and private sectors, with each facing distinct challenges and opportunities. Both are open to AI adoption, but a higher portion of public sector respondents (64 percent) express openness for AI adoption compared to the private sector (58 percent).

The public sector places stronger emphasis on security, privacy and data protection, with over half (57 percent) citing these as high-risk factors, along with personal data breaches (54 percent). By comparison, the private sector is more concerned with issues such as biased inputs/user programming (42 percent), ethical implications (41 percent) and unclear legal regulations (40 percent). This discrepancy underscores the public sector’s heightened sensitivity to the potential consequences of breaches and its commitment to safeguarding Canadians’ data and privacy.

Learn more about the state of AI adoption among Canadian organizations and download the report here.

About the Survey

These are the findings of an online survey conducted by CDW from February 1 to February 8, 2024, among a sample of 309 IT decision-makers who are members of the Angus Reid Forum. The survey was conducted in English. For comparison purposes only, a probability sample of this size would carry a margin of error of +/-6 percentage points, 19 times out of 20.

Today, CDW Canada, a leading provider of technology solutions and services for Canadian organizations, released the 2023 Hybrid Cloud Report, which explores emerging trends and the state of hybrid cloud for Canadian organizations.

Organizations should be maximizing cloud spending

Organizations say the growing use of public cloud services will increase their ability to innovate, improve customer experience and deliver new products. The report found that Canadian CEOs expect nearly half (49 percent) of their organization’s revenue to come from digital products, services and/or experiences in the next five years.

Despite the increasing reliance on cloud services, which enable Canadian organizations to stay competitive, Canadian public cloud IT spending has room for improvement. On average, 18 percent of all public cloud services spending annually in Canada is not being maximized, highlighting a crucial area of opportunity for Canadian organizations to properly resource their plans for future business offerings.

To optimize cloud spending, organizations are turning to Financial Operations (FinOps), an evolving cloud financial management discipline designed to enable

1

maximum business value. The report found that just over half (55 percent) of Canadian organizations surveyed have an individual or team dedicated to FinOps and as with any new discipline, those responsible for it are experiencing growing pains.

The top cited challenges faced by the person or team performing IT FinOps around cloud expenditure are:

• Understanding how to optimize cloud spend for architectural and business benefit (42 percent)
• Allocating cloud costs to the correct team (40 percent)
• Understanding cloud price models and how to apply these optimally (39percent)Leveraging a cloud partner to provide best practices for hybrid, multicloud financial management can ensure organizations maximize their spending and reduce overages.Third-party partners are essential for security and governance of hybrid, multicloud environmentsThe report found that Canadian organizations are increasingly running their compute and storage capacity across private and public clouds, increasing from 33 percent currently to 40 percent by 2025, meaning we can expect more hybrid, multicloud environments in Canada.The advantages of running hybrid, multicloud environments include the ability to be agile and resilient, allowing organizations to scale performance while meeting security and compliance requirements.Many factors may affect the scope of Canadian organizations’ digital infrastructure strategies, which dictates the use of hybrid, multicloud environments. The top cited external-facing business objectives shaping these strategies over the next two years are:

• Reducing the overall cost of doing business (42 percent)
• Supporting more personalized customer engagement (41 percent)
• Responding to specific crisis-driven requirements (37 percent)

In comparison, the top cited internal-facing business objectives are:

• Improving internal staff productivity (47 percent)
• Cybersecurity and data protection across all geographies (45 percent)
• IT responses to unexpected business conditions when needed (40 percent)Canadian organizations will have to address complex concerns around management, governance, security and visibility that can have serious consequences for data protection.

0. Hybrid, multicloud environments enable the future of work in an ever-changing business landscape.Visit CDW’s Cloud Solutions page to learn more.

CDW Canada, a leading provider of technology solutions and services for Canadian organizations, today released new research about the barriers Canadian workers are facing in the digital workspace. The Digital Workspace Survey hosted on the Angus Reid Forum, surveyed over 1,000 hybrid workers across Canada.

Proper IT can increase productivity

The survey found that Canadian hybrid workers who experience IT issues reported losing an average of three hours a week dealing with IT issues. This indicates a massive loss of productivity from hardware and software that isn’t optimized for hybrid work, as well as an opportunity for employers to increase productivity through proper IT investments.

Most hybrid workers cited network connectivity (loss of 2.6 hours) and VPN connectivity (loss of 2.2 hours) as key IT issues. Other issues included lack of IT technical support, trouble sharing documents with team members, disruptions and connection issues on video calls and lack of additional monitors.

How investing in IT for hybrid work can benefit small businesses

Financial barriers can pose a threat when investing in the right IT for hybrid work, however, not investing comes with heightened cybersecurity risks. Investing in technology without considering security can cause greater financial and reputational impacts in the event of a security incident. This situation is most prevalent with small businesses (organizations with less than 100 employees) as employees are more likely to face financial barriers in a hybrid work environment. The survey

found that more than one third (37 percent) of respondents reported having to choose and pay for their own IT equipment. This lies in contrast to one-in-ten employees (13 percent) working at large businesses who must do the same.

A lack of IT investment impacts personal device usage and security posture. Nearly half (49 percent) of respondents working at a small business reported using a personal device to access work related files or perform work tasks more than once a day.

Security concerns impact IT decision-makers’ ability to work from home

IT decision-makers were less comfortable working from home due to their increased awareness of cybersecurity and understanding of the risks when working in a hybrid model.

The survey found that nearly one-in-five (18 percent) IT decision-makers reported data security and privacy reasons preventing them from working from home compared to only three percent of non-IT decision-makers.

Concerns over cybersecurity for IT decision-makers are echoed in CDW Canada’s 2023 Security Study, which surveyed 553 IT security and risk & compliance professionals. The study found that two-in-five (40 percent) respondents that store their organization’s data in the cloud – an essential tool for hybrid work – said they experienced a security incident in the cloud during the past year. Further, only one third (30 percent) of respondents said a policy exists in their organizations for monitoring and detecting threats within data, assets, applications and services. These findings can speak to the elevated concerns of IT decision-makers found in the Digital Workspace Survey.

CDW Canada, a leading provider of technology solutions and services for Canadian organizations, today released its annual security research, the 2023 Canadian Cybersecurity Study: Emerging Issues and Trends. The study, conducted with additional support and analysis by IDC Canada, surveyed over 500 IT security, risk and compliance professionals and explains the state of cybersecurity among Canadian organizations, with a focus on the expanding attack surfaces that emerged as a result of the substantial growth of business computing peripherals, servers and Internet of Things (IoT) devices. 

The sophistication of cyberattacks, combined with greater entry points created through cloud infrastructure, IoT and endpoint devices has led to an increase in security breaches. The study found that 7 percent to 10 percent of all cyberattack types were successful and observed a significantly greater “hit rate” of success (the number of attacks that result in a breach) achieved than in previous years.  

While total cyberattacks in 2023 decreased from 2022, they resulted in a greater number of breaches at organizations, jumping from a 12-month average of 13 in 2022 to 30 in 2023. While organizations are taking steps in the right direction to secure their IT assets, there is room for improvement to protect data and devices spread across various networks.  

Cloud is convenient, yet requires specific protections 

Public cloud environments – the most impacted IT components affected by security incidents and vulnerabilities – are being created by the increased use of cloud for storing private, sensitive and highly restricted data. It is further compounded by the adopt-first/secure-later approach of hybrid work, which has led to a widening gap between cloud adoption and proper investments to secure it.  

More than half (54 percent) of organizations store internal data, greater than one-third (36 percent) store sensitive (confidential) data and more than one-quarter (28 percent) store secret (highly restricted) data in the public cloud. Yet, organizations only spent on average 13 percent of their security budgets on securing cloud environments.  

Detection and response enable business continuity  

Threat detection and response is falling short, giving cyberattackers more time to access and steal personal, financial and intellectual data, or disrupt business processes with ransomware. 

According to the CDW Canada study with research and analysis by IDC, the average time to detect acyberincident is 7.1 days, while responding to an attack takes twice as long at an average of 14.9 days. The average time to recover is 25.6 days, putting the average incident management time at approximately 48 days total. This delay puts Canadian organizations at greater risk of reinfection, loss of customer trust and higher incident recovery costs.   

Automated processes are key to a robust security practice 

Organizations must address the IT security skills gap and implement automated processes to mitigate and minimize the impact of breaches while maintaining an advanced security posture that proactively defuses threats. 

The study found that nearly two-thirds (62 percent) of Canadian organizations say the skills gap has reduced their ability to prevent security incidents. Automation can significantly improve efficiency for security operations centre (SOC) analysts – the frontline professionals who monitor, detect and respond to cyberattacks. Automation frees up their time so they can devote more of it to higher-value cybersecurity activities such as investigations and threat hunting. In fact, more than half (59 percent) of respondents say they see automation as a way to improve security staff efficiency.   

Keeping up with sophisticated cyberthreats may seem like a massive undertaking, but expertise is available. As a trusted expert in cybersecurity solutions, CDW Canada can help organizations prepare for, defend and respond to the ever-expanding threat landscape.  

For more information, download the study here.