Thought leadership. threat analysis, news and alerts.
CDW Report Reveals Canadian Businesses Make Cybersecurity Top IT Priority
A new report by CDW Canada reveals almost half of businesses(47 percent) questioned have increased their expenditure on cybersecurity in the past year.
Their responses make for reassuring reading, though there is still some way to go before all of Canada’s businesses have the safeguards they need in place. With so many day-to-day operations performed online and a plethora of sensitive data stored in the cloud, effective cybersecurity should be a priority for every single company.
Other key takeaways from the survey:
That 17 percent of respondents being totally unsure whether a plan has even been drawn up or not is concerning. It’s vital for management teams to recognize the level of vulnerability they may create within their organizations in if they fail to take the appropriate action and protect their infrastructures from threats. While it’s easy to let a hectic schedule and growth overshadow any potential pitfalls, the risk is simply too big to ignore. No business can afford to be complacent or assume they are too small (or successful) to target.
What Do Canadian Businesses Consider the Biggest Cyber Threat?
The CDW report showed 24 percent of businesses questioned view the proliferation of malware a leading concern. Others were data theft (prioritized by 19 percent) and the safety of cloud storage (15 percent). All three risks have the power to cause severe problems for companies of all sizes, in all industries.
It’s good to see businesses aware of key cybersecurity hazards and being able to distinguish between them, but hackers employ increasingly sophisticated tools and tricks to infiltrate businesses’ systems, potentially even lurking undetected for weeks or months. They are able to gather critical information related to their employees, their customers, their operations, their secrets and more. Businesses affected by such covert breaches are left incredibly exposed and may be unable to actually recover if they fail to take action soon enough.
Yet not all cybersecurity dangers come from outside. Businesses must be aware of external and internal threats to their safety (and that of their customers). It may be hard to imagine someone within your organization having the audacity to endanger the security of their colleagues, employers and clients by allowing data to fall into the wrong hands — but, sadly, it does happen.
In recent weeks, Desjardins (North America’s biggest federation of credit unions) revealed that close to 3 million members’ datahad been leaked by an employee, affecting some 170,000+ businesses. Desjardins admitted it’s possible such personal details as full names, dates of birth, social insurance numbers, banking activities and email addresses were shared. It’s believed, though, that PINs, passwords and security questions were not leaked.
Tackling Internal Cybersecurity Threats
That Desjardins’ woes resulted from the actions of an employee demonstrates how vulnerable data may be even when organizations believe their system is well protected. Businesses can invest in the most cutting-edge technology and training to reinforce their safety, but if they aren’t aware of which employees may have a grudge (or simply lack the training to perform duties safely) breaches can still occur.
The Desjardins employee responsible has since been let go, but that’s unlikely to be of much comfort to the people whose sensitive information was shared without permission. This event could have an ongoing impact on Desjardins as a whole: members’ confidence may drop, prompting them to consider alternatives — potentially costing Desjardins in the long run.
Still, it’s incredibly hard for businesses to know exactly which members of their workforce could be planning to leak data or open the system up to cyberattacks, short of monitoring every single phone call, every interaction with colleagues and their every movement on the premises.
But effective training can make a positive impact and encourage a more vigilant, aware, loyal team. Educating staff on the variety of cybersecurity risks the company faces, where they originate and how they can be combated is essential. It’s vital to give them the means to share concerns with management if they believe someone may be planning to reveal sensitive information or share access details with unauthorized parties.
They may find speaking up about the people they work with every day difficult, but it’s in everyone’s best interests. After all, if a breach or attack is damaging enough, employees’ jobs may be at risk.
The Importance of the Right Training
The right training minimizes the threat of accidental cybersecurity problems. Workers may not recognize phishing scams and expose the entire network to threats, or they could download infected software. The list goes on and on. Even the smallest mistake can have lasting ramifications.
With more Canadian companies investing in their cybersecurity measures, it’s fair to assume training will improve too. But it’s not just about training: businesses have to take their security seriously, and that means equipping themselves with the most effective safeguards. A comprehensive vulnerability assessment will identify potential flaws in your system’s security, revealing how prone your company may be to attacks.
The Driz Group offers free vulnerability assessments for businesses of all sizes, helping you start on the journey to a safe, stronger cybersecurity procedure. Our Managed Cyber Security Services provide cloud-based and on-premise protection, reduce the likelihood of a data breach and fill any gaps that may be discovered. This allows you to just sit back, relax and focus on running your business while the experts keep it safe.
Want to learn more about how our Managed Cyber Security Services can help your organization? Have questions? Please don’t hesitate to contact our friendly team of expertstoday!
Steve E. Driz, I.S.P., ITCP