It is common for organizations to feel that their data is safe, but they are often unaware of the various weaknesses that could leave them vulnerable to assaults. A recent study also found huge discrepancies in CEO and IT perspectives on the success of firms’ cybersecurity policies and procedures.
Revaluate your company’s cyber security measures today if you haven’t already. In the long run, it could save you money, time, clients, and a bad name.
Eighty-four percent of Canadian executives surveyed by Ovum for FICO said they were “better than average” or “top performers” when it came to cybersecurity. It is more difficult to mount a prompt and effective reaction in firms that lack a comprehensive cyber incident response strategy. Another survey found that it takes a business an average of 191 days to discover a data breach and an additional 66 days to effectively manage the problem.
The foolish idea that Canadian enterprises are too small or unimportant to be breached is shared by eSentire’s cyber security consultant, Eldon Rieckhoff.
Cybersecurity has become a more regular topic of discussion for Canadian boards after the implementation of mandatory breach notification on November 1, 2018. Even though more Canadian firms are paying attention because of new regulations and heightened awareness of the dangers, the majority still have no idea what they’re up against. In a security software trial, malware and malicious network behaviour were found in 85 percent of Fortune 500 corporations, and this figure is likely significantly higher for non-Fortune organizations.
Your company’s data should be safe, right? A look at these stats could persuade you to rethink your decision.
Here are three examples of recent incidents that have shown the financial impact of data breaches on Canadian businesses:
Many of Recipes Unlimited Corp’s restaurants were forced to close on October 1, 2018, due to a malware outbreak. The corporation, which operates several popular restaurants, including Swiss Chalet, Harvey’s, and East Side Mario’s, had been the victim of a data breach immediately after the breach was discovered. As a ransom, they demanded 0.5 BTC ($4,000) for each day that the demand was not met.
Affected businesses and employees alike were shaken by the restaurant’s shutdown, even though the corporation claimed it was not being held to ransom because of regular data backups of critical files. According to reports, the ransom note is linked to the Ryuk virus, which has so far collected $640,000 from hackers.
4500 consumers’ personal information was obtained by an unauthorized entity on November 1, 2018, according to the Ontario Cannabis Store (OCS). As a result, Canada Post’s delivery tracking technology was used to obtain the customer order data in this case.
An official statement from the Office of Civil Rights (OCR) reveals:
Codes for the postal service
Names, initials, or the signatures of those who received the package
The date of arrival
The OCS identifiers
Give an account number.
Names and locations of OCS-affiliated companies
It was not a breach of security that affected personal information such as a person’s name, delivery address, payment information, or even what the order contained. Customers who had their information compromised were alerted by the OCS and the province’s privacy commissioner.
Cyberattacks have also been making headlines recently at St. Francis Xavier University.
An inquiry was begun as soon as the IT Services team discovered unusual behaviour in the university’s network environment. Using the university’s servers to mine or manufacture bitcoin for monetary benefit was determined to be the goal of the malicious software, which required a lot of computational power.
The university instituted a complete system shutdown as a precautionary measure. This probe is preventing students from accessing email, the school’s online course system, shared storage space, and drives on the St. FX network.
What can you do to keep your business secure? As a starting point, you might implement an IT security strategy that is multi-layered. Your firm will be able to respond more effectively to a cyber-attack if it has a right-tiered approach to security. A proactive approach to security should include monitoring your network for abnormalities and enforcing regulations based on the results of such scans. Incorporate web security into your company policy if you want. For example, this would allow for time and content-based website screening; bandwidth checking; and legal liability protection. Finally, companies need to ensure that erased data cannot be recovered.
How does your company fare in this regard? Get in touch with Managex if you need IT specialists who can assist in keeping your business data safe. You can rely on our IT experts to provide you with the answers you need and the peace of mind you need to return to your primary business goals.