COVID-19 will have a lasting effect on Canada’s cybersecurity landscape
The pandemic has been a challenge for all of us, but it has been especially challenging for Canada’s cybersecurity professionals. Hackers continue to ramp up pressure to try and take advantage of the new challenges facing organizations across the country. As a result, additional cybersecurity protections have been put in place that this year’s Cybersecurity Survey shows will remain long after the pandemic ends.
In March of 2020, many workers migrated out of the office and into their homes. The pivot to remote work expanded the security surface area of organizations, and with it came new risks. Additional protections have been introduced to bolster organizations’ defenses and 95 per cent of security professionals say that at least some of the new protections will remain permanent. The changes were needed to defend against increased pressure from hackers, with 36 per cent of organizations indicating they faced more cyber attacks during the pandemic.
More risk has organizations looking for new ways to mitigate it. Cybersecurity insurance is a popular option to buttress against increased risk, with six in 10 organizations saying they have cybersecurity coverage as part of their business insurance, and three in 10 holding a cybersecurity-specific policy. But the data also shows that coverage is getting more expensive and difficult to keep.
Keeping security professionals awake at night is the prospect of finding a ransom note and encrypted files on their systems. In the past 12 months, almost one in five (17 per cent) organizations have been the victim of a successful ransomware attack. Of that group, a majority (69 per cent) say their organization paid the ransom demands, while 59 per cent report that data was exfiltrated. Organizations may be paying extortion fees because they fear damage to their public image.
Security professionals are also rising to challenge. They are rallying their colleagues to fight back against hackers, with 61 per cent of organizations now creating training material and promoting it internally to improve security awareness, up from 54 per cent in 2019. It could be said that 10 years of organizational IT innovation happened in 10 weeks.
This pandemic may not be over quite yet, but organizations are moving ahead. The CIRA 2021 Cybersecurity Survey provides insights on the challenges facing organizations and the lasting changes they’ve made to build resilience.