Cost of data breaches in Canada hit new record in 2021: IBM
![Cybersecurity file photo File photo (Jonathan Hayward/The Canadian Press)](/content/dam/ctvnews/en/images/2021/7/28/cybersecurity-file-photo-1-5526133-1627480603322.jpg)
The average cost of a data breach in Canada hit a record high last year as companies grappled with new cybersecurity risks during the COVID-19 pandemic.
According to a new report from IBM Security, the average cost of a data breach in Canada was $6.75 million per incident in the 2021 survey year. That's up from $6.35 million the year before and the highest since IBM first included Canada in its survey seven years ago. It's also higher than the 2021 global average of US$4.24 million ($5.34 million), which in itself is a 10 per cent increase from the prior year and the highest global average in the survey's 17-year history.
The study suggests cybersecurity efforts may have lagged behind as companies were forced to rapidly adapt to remote work during the pandemic, said IBM Security associate partner Ray Boisvert.
“This to me is a wake-up call,” Boisvert said, adding companies reported data breaches last year that were not only costly, but also hard to contain. For example, companies surveyed reported a mean time of 164 days to identify they had a breach and 60 days to contain it, one week longer than the prior year's report.
According to the study, data breaches cost $1 million more on average when remote work was indicated as a factor in the event.
“There was certainly a strong link to remote work,” Boisvert said. “We're now living in a perimeter-less environment … and trying to defend a multiplicity of inputs becomes very difficult.”
Charles Finlay, executive director of the Rogers Cybersecure Catalyst at Ryerson University, said the sheer volume of varying devices and network connections used by remote workers during the pandemic posed a cybersecurity threat.
“Employees are working from home using insecure Internet networks and computers, and the kind of security measures that would be imposed in a corporate environment in a workplace just are not always present,” Finlay said.
He added that a crisis like the global pandemic can also be easily exploited by cybercriminals - for example, through a phishing email that poses as official health advice.
“We know that fake websites have been set up purporting to provide information on COVID-19,” Finlay said. “So COVID-19 has provided a lot of opportunity, unfortunately, for malicious attackers and cybersecurity. I'm not surprised by IBM's findings.”
The survey found nearly half (44 per cent) of the breaches analyzed exposed customer personal data, such as names, emails, passwords, or even healthcare data. It found compromised user credentials (such as stolen passwords) were the most common method used as an entry point by attackers, representing 20 per cent of breaches studied.
Ransomware attacks are also growing increasingly common, said Finlay, pointing to high-profile incidents so far in 2021 like the Russian-linked cyberattacks on Colonial Pipeline and JBS Foods.
“When I look back at the last year, the most serious development that I see is around the increasingly serious ransomware attacks, in particular around critical infrastructure,” Finlay said. “Ransomware is exploding as a major international security problem. It is a multi-billion global industry.”
The IBM survey analyzed real-world data breaches experienced by 500 organizations worldwide (26 in Canada) between May 2020 and March 2021. It factored in costs to companies ranging from legal, regulatory and technical responses in the event of a cyberattack to loss of brand equity, customers, and employee productivity.
This report by The Canadian Press was first published July 28, 2021
CTVNews.ca Top Stories
![](https://www.ctvnews.ca/polopoly_fs/1.6944496.1719545086!/httpImage/image.jpg_gen/derivatives/landscape_800/image.jpg)
A halting Biden tries to confront Trump at debate but stirs Democratic anxiety about his candidacy
A raspy, sometimes halting U.S. President Joe Biden repeatedly sought to confront Donald Trump in their first debate ahead of the November election, as his Republican rival countered Biden’s criticism by leaning into falsehoods about the economy, illegal immigration and his role in the Jan. 6, 2021, Capitol insurrection.
Analysis of the CNN Presidential Debate between Joe Biden and Donald Trump
U.S. President Joe Biden and former president Donald Trump went head-to-head in the first of two planned presidential debates.
FACT FOCUS: Here's a look at some of the false claims made during Biden and Trump's first debate
President Joe Biden and former President Donald Trump traded barbs and a variety of false and misleading information as they faced off in their first debate of the 2024 election.
Fines related to neighbour's 443 noise complaints at centre of B.C. dispute
A B.C. condo owner who was fined tens of thousands of dollars over hundreds of noise complaints made by his downstairs neighbour was partially successful in having the penalties overturned.
EXCLUSIVE Canadian lawyers play key role in money laundering, says financial intelligence report
A report by Canada's financial watchdog obtained by the Investigative Journalism Foundation working in collaboration with CTV News looked at Canadian lawyers' potential role in money laundering schemes, including those by organized crime groups like biker gangs and drug cartels.
Legal action coming to recover COVID benefit overpayments
The Canada Revenue Agency says it is ramping up efforts to recover overpayments of pandemic-related benefits.
'Hanging on for her life': Sask. family desperate to bring home sick niece from Philippines
For half a decade, a Saskatoon family has been trying to bring their orphaned niece to Canada, they say now it’s a matter of life or death.
'No additional flights will be cancelled': WestJet avoids strike as feds order binding arbitration
The federal government ordered binding arbitration in the labour dispute between WestJet and the Aircraft Mechanics Fraternal Association (AMFA) on Thursday.
Ottawa police warn residents to avoid Facebook Marketplace when looking for a place to rent
Ottawa police are going as far as to tell people to stay away from Facebook Marketplace altogether when looking for a place to rent because of the prevalence of scams.