BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Average Canadian company faces $3.7 million in cyber exposure

From: Inga Goddijn <inga () riskbasedsecurity com>
Date: Fri, 9 Feb 2018 18:17:18 -0600
https://www.canadianunderwriter.ca/insurance/average-canadian-company-faces-3-7-million-cyber-exposure-1004127256/

The cost to recover from security breaches in Canada averages $3.7 million
in direct and indirect costs per organization, including network down time,
employee work days, lost files and compromised information, according to a
new survey.

Of that amount, the majority – about $3.5 million – is lost in revenue and
productivity, while $215,080 is spent in direct dollars addressing the
breaches.

The study, *The Cyber Security Readiness of Canadian Organizations**, *said
that the average company finds itself under attack by hackers more than
once a day. Almost nine in 10 (87%) polled organizations suffered at least
one successful breach in the past year, reported 420 people with on-the-job
responsibility for cybersecurity in their organizations.

In Canada alone, cybersecurity breaches cost companies a total of more than
$9.6 billion in recovery in the past year, Scalar Decision’s chief security
architect, Theo Van Wyk, wrote in a related blog post on Thursday, when the
study was released. The report was done by IDC Canada for Scalar Decisions
<http://www.scalar.ca>. Along with that huge financial hit, these companies
experienced a total of more than 813,000 days of down time and had over
100-million sensitive data records stolen.

Out of the 100-million records stolen, sensitive data was exposed 41% of
the time in 2017. One in five breaches was classified as “high impact”
because sensitive customer or employee information was exposed. Over 60
million of the sensitive data records stolen had data regarding “financials
and product secrets.”

For Canadian organizations, key cybersecurity weaknesses still exist, the
survey found, including:

   - Understanding exposure and vulnerabilities.
   - Security training for employees.
   - Speed of installing security updates and patches.
   - Security incident response planning.

In particular, only 26% of respondents across organization sizes conduct
formal training for employees. Firms also face organizational blind spots
about risk areas, with the top concerns being: exposure to insider threats
from employees or contractors; getting the organization to conduct regular
cybersecurity risk assessments and audits; and inability to identify the
threats that could jeopardize infrastructure and data.

_______________________________________________
BreachExchange mailing list sponsored by Risk Based Security
BreachExchange () lists riskbasedsecurity com

If you wish to Edit your membership or Unsubscribe you can do so at the following link:
https://lists.riskbasedsecurity.com/listinfo/breachexchange
Previous By Date Next
Previous By Thread Next

Current thread: