More evidence of the increasing pace of cyber attacks on Canadian organizations has come from a survey of IT leaders by vendor Carbon Black.
Eighty-eight per cent of organizations participating in the study said they have suffered one or more breaches in the past 12 months due to external cyber attacks.
Eighty-two per cent said the number of attacks are increasing, while 78 per cent of respondents who had experienced an attack said they are becoming more sophisticated.
Just under half of those who were breached say incidents caused a negative financial impact. In addition, 65 per cent of those breached said there was damage to their reputation.
Two hundred and fifty Canadian CIOs, CTOs and CISOs were surveyed from companies in a range of verticals.
Interestingly, 74 per cent of respondents said they are more confident in their ability to repel attacks than they were 12 months ago. The report’s authors interpret this as “an encouraging sign of increased awareness of the tools and techniques available to mount robust defenses and the growing maturity of security teams and technology deployments.”
This could be because 87 per cent of the businesses said their threat hunting activities have strengthened company defenses. In fact 76 per cent said their staff had found evidence of malicious cyberattack activity that would previously have gone undetected.
The most frequent and prolific types of attacks reported were custom malware. Phishing attacks were the prime cause of breaches, followed by ransomware and “process weakness.”
In looking at the overall results Rick McElroy, Carbon Black’s head of security strategy, noted respondents are concerned that emerging threats will require bigger security teams drawn from a talent pool that is small, and subject to intense competition.
“This will force companies to be creative and thorough in the way they approach cyber defence,” he wrote. “Greater automation, AI and tools that offer complete visibility of complex and evolving networks will be required. Resource efficiency will be a buzzword as businesses aim to maximize the capability of teams to detect and mitigate threats and invest intelligently in the tools that empower their teams to build on that growing confidence and maintain proactive cyber defense.”
Click here to get the full report. (Registration required)