#CyberFLASH: 51% of Canadian respondents to cybersecurity study have experienced loss or exposure of sensitive information

10712553More than half (51%) of Canadian respondents to a cybersecurity study have experienced an incident involving the loss or exposure of sensitive information within the last 12 months, Toronto-based IT firm Scalar Decisions Inc. said on Tuesday.

Commissioned by Scalar, the second annual security study involved a survey of 654 IT and IT security practitioners in Canada, with research independently conducted by Ponemon Institute. Respondents – the majority of whom reported their position at or above the supervisory level – came from a wide variety of industries and nearly two-thirds worked at companies with between 251 and 5,000 employees in Canada, said Scalar, which has offices in Vancouver, Edmonton, Calgary, Winnipeg, London, Toronto, Ottawa and Montreal.

Respondents to the survey, titled The Cyber Security Readiness of Canadian Organizations, reported an average of 40 cyberattacks per year, an increase of 17% over last year’s report. Seventy per cent reported that their organizations experienced situations where exploits and malware have evaded their intrusion detection systems, and 82% said that cyberattacks evaded their antivirus solutions.

On average, over the last 12 months, organizations spent approximately $7 million each on the following: damage to reputation and marketplace image ($2.6 million); damage or theft of IT assets and infrastructure ($1.6 million); disruption to normal operations ($1.1 million); lost user productivity ($950,625); and clean up or remediation ($766,667). With organizations reporting an average of 40 attacks per year, this makes the average cost per attack approximately $175,000.

In terms of response, only 38% of respondents said that their organizations have systems and controls in place to deal with advanced persistent threats (APTs), and organizations have an average of almost one separate APT-related incident per month, the study found. IT downtime, business disruption and theft of personal information were the primary consequences of APTs or zero-day threats experienced.

Read more here

About canux
© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.