According to IBM | Data leaks cost consumers dearly

(Montreal) Theft of company data, which has become a “habit” due to its frequency, has more consequences for the population than one thinks, according to IBM.

Posted at 5:16 p.m

Clara Descurninges
The Canadian Press

While data leaks can put customers’ personal information at risk, as Desjardins did in 2019, they also often skyrocket consumer bills.

IBM’s latest annual report on the cost of a data breach, released last July, shows that a single attack costs an average of $5.62 million globally — and $7.29 million in Canada. Additionally, as many as 83% of the 550 international companies surveyed were not at the first breach.

60% of companies surveyed said they had to increase the price of their product or service to make up for lost money.

IBM Canada Associate Cybersecurity and Digital Trust Associate Evan O’Regan calls it a “cyber tax.”

“Imagine a supply chain, from the moment the goods are produced, the company that takes care of the logistics, the transportation. In this supply chain, multiple companies may have been hacked, contributing to consumer cyber tax. »

The financial loss can come from the cessation of business operations – for example, when an online sales site is temporarily disconnected – but also from the efforts that must be made to identify the problem and fix it to get the system back on its feet to ensure that the same vulnerability cannot be used a second time and notify users.

IBM’s report also highlights the fact that it can take many months for a problem to be found and fixed. In fact, it takes an average of 207 days to identify a data breach and an additional 70 days to contain it.

On this aspect, “Canada does relatively well,” commented Mr. O’Regan. In fact, the Canadian average is 208 days to detect and respond to a breach, compared to 277 for the global average.

Build a castle

Still, there are ways to protect yourself to reduce the frequency and cost of leaks, O’Regan said, lamenting that “companies view their IT security department as an expense that needs to be reduced rather than an investment “.

He advocates an approach known as “zero trust”.

“A traditional approach is like a castle,” he said. They have walls and moats because they expect danger from outside. But the reality is that today it must be assumed that these defense mechanisms have already been breached. »

He therefore advises companies to have robust identity and access management, such as safeguards against hackers who have managed to take control of an employee account.

The massive use of teleworking during the pandemic has caused its share of IT weaknesses, increasing the risk of security breaches and the average cost of doing so. However, Mr O’Regan argued that the practice “is not difficult or complicated to protect” but that one must “be sure to provide workers with the necessary tools and training”.

According to the report, the use of artificial intelligence can almost halve costs.

The 2022 report is the 17the be published by IBM. The research was conducted by the Ponemon Institute, which analyzed violations that occurred between March 2021 and March 2022 at 550 companies in 17 countries or regions.

Leave a Comment