IBM Security has released the results of its annual Cost of a Data Breach report, with 25 Canadian breaches included in the 2022 study.
The study, which analyzed real-world data breaches experienced by 550 organizations globally over the past year, found that Canada recorded the third highest average cost of a data breach worldwide.
IBM found that data breaches are now costing Canadian companies CAD $7.05 million per incident on average, an all-time high and a sharp increase from last year’s CAD $6.75 million.
“The sad truth is Canadians working from home are compromising security. Whether they are accessing company data from an unsecured network, using a weak password, or falling for a phishing scam, people are unknowingly opening up their organizations to attackers,” says IBM Canada’s Evan O’Regan.
Top Canadian findings include the following:
- Bank Breaches Most Expensive: Financial sector companies are paying the highest cost for data breaches in Canada at a whopping CA$520 per record (The national average? CA$298 per record)
- Stolen Credentials: Hackers’ Choice: Stolen or compromised user credentials were again the most common breach method and costliest attack type in Canada, leading to CA$8.86 million in average breach cost
- Zero Trust Pays Off: Canadian companies with mature zero trust adoption saw CA$3.79 million lower breach costs than organizations with only early adoption of zero trust
The report also shows that 45% of studied breaches occurred in the cloud, emphasizing the importance of cloud security.