In This Threat Report
In this, our third Canadian threat report, we find that attack frequency and has reached unprecedented levels; 99% of security professionals said the volume of attacks they faced has increased, this is up from February and October 2019 when we saw 76% and 82% increases respectively. Attackers are employing a more diverse range of tactics and techniques than ever before as they bid to extort, disrupt and infiltrate organizations.
The leap in attack frequency revealed in this iteration of the report shows that, however fast Canadian businesses may be adapting to the intensifying environment, the cyber threat landscape is evolving faster. 86% of security professionals say attacks have become more sophisticated, 17.5% of those say they have become significantly more advanced with 69% stating that attacks have become moderately or slightly more sophisticated.
91% of all global respondents stated that they had seen an increase in overall cyberattacks as a result of employees working from home.
Third Party Breach Risk On The Rise
In addition to the general escalation in intensity, this report reveals a shift in the causes of successful breaches. Island hopping, despite featuring quite low (2%) in the most prolific attack type experienced, was a prime cause of breaches (10%), and positioned fourth behind web application attack which was top (21%), followed by OS vulnerability (15%) and third party application (13%). Furthermore, 9% of breached businesses had been compromised via their supply chain. Clearly, the extended enterprise ecosystem is generating considerable security concerns.
A Complex, Crowded Environment
Respondents are already operating an average of more than nine different consoles or agents to manage their security program. This indicates a security environment that has evolved reactively as security tools have been bolted on to tackle emerging threats, not built-in. This has resulted in siloed, hard-to-manage environments that hand the advantage to attackers from the start. As the cyberthreat landscape reaches saturation, it is time for rationalization, strategic thinking and clarity over security deployment.
Island hopping, despite featuring low in attack type experienced, was a prime cause of breaches.
All but four of our survey participants anticipated an increase in spend.
42% say they will need to increase security spending and controls.
Survey Sample:
Has The Overall Number Of Typical Cyberattacks On Your System Changed As A Result Of More Employees Working From Home?
A staggering 91% of all global respondents stated that they had seen an increase in overall cyberattacks as a result of employees working from home. 7% of respondents reported that these had increased by between 50 and 100%. Just under a quarter (24%) recounted that attack volumes had gone up by between 25 and 49%. Three people out of 1002 stated that they did not have more of their employees working from home than usual because of COVID-19.
Out of the four countries surveyed Singapore respondents were most likely to report increases in attacks, with 93% saying this, followed by the UK with 92%, then Italy 90.5% and lastly the USA with 88%. That said Italy witnessed the highest percentage of attack increases (14%) in the between 50 and 100% scale, compared to the UK which experienced the lowest in this category (50 to 100%) with 2%. The USA was the highest in the 25-49% category, with 28% of respondents saying they had seen attack increases on this scale.
Just over a quarter (26%) of those with IT team sizes of more than 100 witnessed increases between 50 and 100%. 18% of those with IT team sizes between 41-50 conveyed increases of between 50 and 100%
Nearly half of those surveyed reported very significant gaps in terms of the effectiveness of their disaster recovery planning around communication with their external parties.
91% of all global respondents stated that they had seen an increase in overall cyberattacks as a result of employees working from home.