www.canadiansecuritymag.com

News Data Security
Cost of cyber breach recovery hits all-time high of $5.8M: Scalar Security Study

TORONTO – Cyber security incidents have become the new normal for Canadian companies, with 100 per cent of organizations experiencing attacks, according to the findings of a new study from Scalar Decisions Inc. of more than 400 Canadian IT and security workers.


February 25, 2019
By Staff

Topics

The 2019 Scalar Security Study (commissioned by Scalar and conducted independently by IDC Canada) found that the average cost per organization of responding to, and recovering from, cyber security incidents increased to between $4.8 million to $5.8 million, up from $3.7 million last year.

Despite facing fewer cyber attacks overall (440 on average, down from 445 last year), organizations suffered more breaches (12.5 on average, up from 9.3) as bad actors became more efficient and effective.

“Canadian companies are still overconfident in their abilities to successfully defend against cyber security attacks. Many are now realizing the need to implement a cyber resiliency plan in order to better prepare, defend and respond to incidents,” said Theo Van Wyk, chief technology officer – Security at Scalar Decisions, in a prepared statement. “The rise in the percentage of successful breaches coincides with the shift in cyber security efforts from protection against attacks to improving detection of malicious attacks and responding to and recovering from incidents.”

The study also found:

  • Of the survey respondents, 18 per cent reported having data subjected to ransomware demands, 17 per cent had data encrypted and 12 per cent had data deleted.
  • Nine per cent of respondents were not confident in their organization’s ability to prevent cyber security breaches and only 11 per cent of survey respondents had a “high” degree of confidence.
  • On average 38.5 per cent of the data organizations stored was considered confidential.
  • The average number of days spent recovering from cyber security breaches by an organization’s security, IT and legal departments increased significantly to 19.4 days from 16.1 days last year.

The full study can be downloaded here.