While 2017 was a great year for Canada in many ways, when you take a look at recent IT security trends the news is not as positive (unless you happen to be a professional cybercriminal).
When it comes to mitigating IT security threats, knowledge is power. It's more important than ever to stay on top of trends and one step ahead of unscrupulous cybercriminals. With the year coming to a close, we've published a whitepaper, IT Security Threat Review (from a Canadian perspective) – Fall 2017 that shares information from other industry resources as well as from our own (anonymized) analysis of the DNS traffic of organizations in Canada.
Here are a few highlights from the whitepaper:
The global market for cybersecurity is expected to exceed $120 billion USD.
This translates into a Canadian share that totals CAD $2.26 billion - if you use our share of the global GDP as a proxy. That is a lot of money organizations have to spend on activities that don't directly improve our lives due to the global growth in cyber threats.
The low-price model seems to be working.
A person's complete identity can be bought on the black market for as little as $5 – and this was before the Equifax breach so it may have fallen even lower.
Also notable is that the average ransomware payout is only about $1,000, suggesting that online thieves target even the smallest organizations.
Cybercriminals are picking on Canadians.
Despite having only 0.5 per cent of the global population, Canada is targetted with the fifth most DDoS attacks on Earth. Now that's something to be sorry about. Our share of malware traffic also greatly exceeds what we would expect based on our overall networks size.
CIRA's DNS Firewall service is protecting Canadians.
Now time for a bit of positive news - CIRA's DNS Firewall service is protecting over 225,000 users in active use (and at least that many more users testing the software) and we blocked over 106,000 threats per month. That means the average user clicks on a bad link once every two months.
Hopefully, some of these statistics will remind you to update your software, maintain excellent passwords and be careful of what you download and click on. For IT professionals it may also be time to look again at your defence-in-depth (or castle defence) scenarios and see where you can bolster it.
For full citations and more information please check out the whitepaper, IT Security Threat Review (from a Canadian perspective) – Fall 2017.