(Montreal) Company data thefts, which have become “habitual” due to their frequency, have more consequences than expected in the population, according to IBM.
Posted yesterday at 5:16 pm.
Indeed, data leaks can compromise customers’ personal information, as happened to Desjardins in 2019, and they often increase customers’ bills.
IBM’s latest annual costs data breach report, released last July, found that an attack causes an average total cost of $5.62 million worldwide — and $7.29 million in Canada. Moreover, no less than 83% of the 550 international companies surveyed had not had their first breach.
60% of companies surveyed said they had to raise the prices of their products or services to make up for lost money.
Evan O’Regan, associate cybersecurity and digital trust associate at IBM Canada, calls it “cybertax.”
“Imagine a supply chain, from the moment a good is produced, an organization that takes care of logistics, transportation. In this supply chain, there may be many companies that are hacked, which contributes to consumer cybertax. »
A monetary loss can result from the interruption of commercial operations – for example, if an online sales site is temporarily disconnected – but can also come from efforts to identify and fix the problem, put the system back on its feet, ensure that the same weakness is not used a second time, and inform consumers.
IBM’s report also highlights the fact that many months pass before a problem is discovered and fixed. In fact, it takes an average of 207 days to detect a data breach and another 70 days to contain it.
In this regard, Mr. O’Regan commented, “Canada is doing relatively well.” In fact, the Canadian average to detect and respond to a breach is 208 days, compared to a global average of 277.
Build a fort
Still, there are ways to protect yourself to reduce the frequency and cost of leaks, O’Regan laments, adding that “companies see their IT security department as an expense to be cut rather than an investment.”
He advocates an approach he calls “zero trust”.
“Traditionalism is like a fortress,” he said. You have walls, moats, because you expect danger from outside. But the reality is that these defenses have already been penetrated and must be taken today. »
He therefore advises companies to have a strong identity and access management policy in place, for example by having security against hackers taking control of an employee’s account.
The massive expansion of telework during the pandemic has caused its share of IT vulnerabilities, increasing the risk of breaches as well as the average cost of these. But Mr O’Regan argued the practice was “not difficult or complicated to protect well” but “workers must be given the tools and training they need”.
According to the report, the use of artificial intelligence can cut costs by almost half.
2022 Report 17e Published by IBM. The research was conducted by the Poneman Institute, which analyzed breaches at 550 companies in 17 countries or regions between March 2021 and March 2022.