There isn’t a country in the world in which security, and the threat of being hacked, isn’t an ongoing issue. However, Canadians, in particular, must take more preventative measures because they’re not faring well at all.
The LifeLabs breach of late 2019 saw the medical records of 15 million Ontario and BC residents stolen. An open letter from company president and CEO Charles Brown in the wake of the breach did little to assuage Canadians’ fears and misgivings.
Even personal data held by the Canadian Government is not immune from threats. It was recently revealed in the House of Commons that at least 144,000 Canadians have had their personal information mishandled in Federal departments and agencies over the past couple of years.
A serious problem in Canada
According to the IBM Security and Ponemon Institute Cost of a Data Breach 2019 study, the average cost of a security breach for Canadian businesses was US$4.4 million — about half-a-million dollars higher than the global average.
But costs don’t occur only when a breach occurs. There are also “long-tail” costs which can be felt by companies months and even years after being hit. These extra costs are higher in the second and third years following a breach for companies in highly regulated sectors such as finance and healthcare.
Five red flags that you have a security problem
Canadian businesses must be aware of five vulnerability flags in particular:
- Human factors: Shared user accounts and weak passwords fall into the “human factor” category, and most often come down to carelessness or even laziness. As well, vulnerabilities can be created when workers collaborate with others, especially those outside their own organizations. Since the need for collaboration is on the rise, organizations should deploy a 360-degree approach to protect every component allowing users to safely collaborate.
- Lack of clear policies: Even if a network is relatively secure, not having clear security policies laid out that govern how employees create, access, and share company data can result in very bad outcomes.
- Unmanaged backups: The number of ransomware incidents worldwide is skyrocketing, which makes strong and smart backup strategies more critical than ever. Many smart and truly secure companies are mixing onsite with remote backups, and have a trained team member overseeing the process.
- Poor OS care: Server and workstation operating systems must be patched frequently to prevent bad actors from exploiting weaknesses. A failure to do so gives hackers a window through which to access, unopposed, the network inner sanctum.
- Low employee awareness: Tied into the first flag (“Human factors”) is the danger posed to organizations with low levels of employee security awareness. Without adequate security training on such topics as how to pick out fraudulent emails, how to safeguard devices, and when/why to reach out to an IT professional for help, businesses are at a high risk of being breached.
A serious breach of your organization may only be a matter of time. And even if you’ve survived an attack before, and are confident in your ability to bounce back quickly from another one should it happen, can you be sure? Award-winning integrator of smart technology and service solutions FlexITy has seen it time and again: organizations first being hacked and even today’s increased employee’s usage of their work-from-home devices accessing the network as well as browsing unofficial, virus triggered sites on Covid-19, suffering heavy damage to business and brand, and taking a long time to get back on their feet.
Get serious about security
The security setup of even the best-managed companies is complex and nothing close to airtight. And with a threat landscape that continues to evolve, staying on top of things security-wise is becoming more and more difficult. A multi-cloud world in which companies are employing multiple cloud vendors and multiple collaboration apps and devices each with its own security setup, makes even muddier the already muddy waters of business security.
FlexITy’s senior leadership has compiled a checklist of actions both employers and employees can take to ensure their system is secure. Download the Securing a Mobile Workforce checklist now.