Criminal activity in the cyber world is spreading at a rapid rate. Criminals have found an opportunity during the current COVID-19 crisis to ramp up their game and take advantage of vulnerabilities. Regardless of industry, every organization is at a higher risk of becoming the next victim. Whether it’s about protecting critical infrastructure and operations or personal information, or both, the impact of cyber-attacks should not be underestimated. Surprisingly, however, few companies have in place the internal cybersecurity policies and plans that are crucial to combating this rampant threat.
To help our clients have a clearer understanding of the risks, we recently launched our inaugural Canadian Cybersecurity Trends Study on the latest trends and issues related to cyber incidents. Below are five key findings from the study that all organizations should be aware of.
Although anyone can be a target, cyber criminals appear to be focusing on organizations that store sensitive data, such as financial, health and professional services firms. Critical infrastructure is also at higher risk since an attack of this nature could lead to a widespread shut down of vital operations.
- Ransomware (35%) and business email compromise (24%) continue to be the biggest risk to organizations. A threat to publish the victim’s data is often used to leverage a ransom payment, with more than 53% of targeted organizations opting to pay the ransom.
- Operational disruption (33%), financial loss (25%) and impact on relationships with customers and business partners (21%) continue to be a major source of angst for organizations. Despite this, statistics indicate that only 41% of publicly listed companies have a policy addressing cybersecurity, and even fewer (10%) have specific cyber insurance.
- The ongoing challenge with cyber incidents is that the technology and techniques employed by cyber criminals continue to evolve. Regardless of ongoing efforts to be proactive and prevent or minimize cyber incidents, the stark reality is that cyber criminals continue to innovate.
- Though slow moving, cyber-related litigation is ramping up. Since 2012, there have been a number of privacy class actions certified in Canada, particularly in Ontario, British Columbia, Alberta and Quebec. It’s expected that claims against both organizations and their representatives, potentially including directors and officers, will continue to increase.
Have more than five minutes? Contact Cathy Beagan Flood or Sunny Handa or any other member of our Cybersecurity group to learn more about our cyber study and how we can help with protecting your organization.
Please visit our COVID-19 Resource Centre to learn more about how COVID-19 may impact your business.
Blakes and Blakes Business Class communications are intended for informational purposes only and do not constitute legal advice or an opinion on any issue. We would be pleased to provide additional details or advice about specific situations if desired.
For permission to republish this content, please contact the Blakes Client Relations & Marketing Department at firstname.lastname@example.org.
© 2021 Blake, Cassels & Graydon LLP