Data breaches have become a pervasive issue, with around one in six Canadian businesses affected by cybersecurity incidents in 2023. Despite the rise in such events, companies continue to struggle with implementing effective defense protocols and post-breach responses. Cybersecurity expert Milind Bhargava highlights the commonality of unpreparedness, recounting an investigation of a ransomware breach in a B.C.-based transportation company that relied on outdated technology. According to the IBM Cost of Data Breach report, Canadian organizations paid an average of $6.32 million per breach in 2024, with higher costs for the financial and technology sectors. The most frequent entry point for cybercriminals was stolen credentials, often taking months to identify and contain.
The evolution of cyberattacks from data theft to ransomware, where hackers block or encrypt systems and demand payment, has led to an ideal response formula: contain, then investigate. Hélène Deschamps Marquis, a privacy and cybersecurity expert, notes that laws are tightening, necessitating disclosure of breaches under regulations like Canada’s PIPEDA. Despite efforts to improve defenses, attackers continue to outpace businesses. Jennifer Quaid of the Canadian Cyber Threat Exchange emphasizes the need for organizations to adapt, as attackers leverage AI to enhance their tools. Bhargava points out the reluctance of companies to invest in cybersecurity until after experiencing a breach, underscoring the ongoing challenge of staying ahead of cybercriminals.
Original article courtesy of TheGlobeandMail.com.
Enhance Your Business Security with Expert Cybersecurity Solutions. Click here to learn more and download shawcsIT’s free services overview catalogue.