Highlights of the 2017 Scalar Security Study – The Cyber Security Readiness of Canadian Organizations. The third annual Scalar Security Study examines the cyber security readiness of Canadian organizations and the trends in dealing with growing cyber threats.
1. The Cyber Security Readiness
of Canadian Organizations
results of the 2017 scalar security study
2. We surveyed 658 IT and IT security
practitioners in Canada with a goal of learning:
Strategies to achieve a stronger cyber security posture
How Canadian organizations are responding to growing
cyber security threats
How much cyber security threats are costing Canadian
organizations on an annual basis
What technology and methods respondents are using to
improve their chances of winning the cyber security war
3. What you need to know about the
current trends in the cyber security
landscape in Canada today.
6. Web-borne malware attacks are
the most frequent type of incidents
that organizations are seeing in
their IT networks.
7. Similar to last year, mobile devices
and third party applications are the
most targeted platforms.
8. The cost of a
breach is increasing.
On average, organizations
spent 7.2MILLION*
in 2016 on cyber security compromises. *compared to $7M in 2015
9. The Canadian threat landscape is on
the rise, so we continue to ask whether
organizations are spending enough of
their IT budget on security.
10. Organizations seem to be making
investments in gaining better visibility
and control over their IT environments,
including breach response retainers,
SIEM, and threat intelligence, however,
no technology is infallible.
11. Insider threats
are on the rise.
44%of respondents say their organizations are not
monitoring individuals who have access to sensitive
files and information.
12. Insider threats are becoming much
more prevalent. While the most
likely attacks continue to be criminal
syndicates and lone wolf hackers, for
the first time, insider threats were ranked
higher than corporate espionage.
14. 79%of respondents say their organization’s
AV or IDS systems failed to prevent cyber attacks.
15. For the first time, we asked
respondents about their experience
with ransomware.
16. 35%of organizations report having had employees
targeted by ransomware. Only 21% reported
the incident to law enforcement.
17. 46%of respondents say their organization experienced
a DDoS attack that caused a disruption to business
operations and/or system downtime.
18. So what exactly is the benefit of
being considered a high performing
organization?
19. We’ve concluded that high performing
organizations are more likely to
recognize the evolving state of cyber
threat in Canada, but also align their
strategy for mitigating these risks to the
overall business goals and objectives.
20. Even though
they have a greater
awareness of the cyber
security threat landscape,
only 37%of high performing organizations believe
they are winning the war on cyber security.
22. ¡ Invest in technologies and systems that will reduce growing insider threat,
including identifying vulnerabilities through risk assessments and audits
¡ Recruit individuals with hands-on experience to help lead the organization’s
cyber security team
¡ Engage in threat sharing intelligence to increase the ability to proactively deal
with the sophistication and severity of cyber threats
¡ APT-related incidents are on the rise, this should influence IT security planning
by including effective strategies to protect vulnerabilities via the web, email,
and endpoints
23. Interested in learning more?
Download the full study at:
scalar.ca/scalar-security-study-2017/