OTTAWA — A new report from the Canadian Internet Registration Authority (CIRA) released today finds 28% of Canadian organizations who responded to the survey said they have been targeted by a Covid-19 themed cybersecurity incident.
Among some of the common cyberattacks were fake contact tracing apps and Covid-19 test result phishing attempts. About three in 10 organizations reported a spike in cybersecurity attacks since the pandemic started. Slightly more than half (52%) of organizations have implemented new cybersecurity protections in response to Covid-19 threats, according to the survey.
The CIRA’s 2020 Cybersecurity Report details how the Canadian cybersecurity landscape has shifted due to the Covid-19 pandemic. More than 500 Canadian IT security decision-makers were surveyed by The Strategic Counsel for the report, which examined how organizations are coping with the increase in cyber-threats.
While two-thirds (65%) of survey respondents say they’re using employer-provided devices to work from home during the Covid-19 pandemic, one-third of respondents said they use personal devices for work purposes at least some of the time as well.
“Our research shows that Covid-19 has fundamentally transformed cybersecurity. The threat landscape has changed, but, most importantly, the pandemic has created an environment of anxiety and uncertainty that cyber-thieves are exploiting. Now more than ever, cybersecurity is an issue no organization can ignore,” said Jacques Latour, chief security officer at CIRA, in a press release announcing availability of the report.
The report also found slightly more organizations experienced a data breach in the past year, with one-quarter saying they had at least one breach compared to just 15% one year ago. Also, 38% of survey respondents said they don’t know if their organization had a data breach in the last year.
Organizations appear less likely to inform a regulatory body of a data breach this year, with only 36% of those surveyed saying they did so in 2020, down from 58% doing so in 2019.
Despite facing more cyberattacks, fewer organizations than last year are expecting to increase human resources dedicated to cybersecurity in the next 12 months with one-third planning to do so, down from 45% in 2019.
When it comes to data sovereignty, 70% of survey respondents said they are concerned about the flow of data through countries other than Canada, up from 49% in 2018 and about on par with last year. Six in 10 organizations are concerned about data flow through the United States in particular, also up from 49% in 2018, according to the report.
To read the full report, please click here.
