Midyear check-in: What we can learn from the cybersecurity stats in 2021 so far

Midyear check-in: What we can learn from the cybersecurity stats in 2021 so far

Cybercriminals have been hard at work in the past months, and that’s evident in the volume of data breaches that have hit big multinational corporations within just the first half of 2021. If a cybercriminal can infiltrate the cyber defences of a conglomerate, then your small- to medium-sized enterprise (SME) better be prepared for impact.

Fortunately, it’s never too late to protect your data from malicious actors who are always on the lookout for any security gaps to exploit. By analyzing cyberattack patterns, businesses in Canada and the world over can improve their cybersecurity posture and steer clear of data breaches.

Let’s take a look at some of the most striking 2021 cybersecurity statistics to date and what we can learn from them.

1. Phishing scams are up in number and sophistication

Cybercriminals are leveraging the lack of security of remote work setups and employees’ limited knowledge of social engineering to launch sophisticated phishing attacks. In fact, Google has reported over two million phishing sites as of January 2021 — up 27% from January 2020.

Phishing scams have relatively high success rates and are easier to carry out than other scams, making them the go-to hacker move these days. SMEs, in particular, should be wary of these kinds of attacks — according to the Ponemon Institute, over half (57%) of the cyberattacks launched on SMEs are phishing scams.

What to do?

New spins on old tricks have made it more difficult to identify phishing attacks. This is why it’s crucial to level up your cybersecurity defences and improve how employees access, receive, and interact with data. Properly train staff on how to handle phishing attacks, and provide them with tools such as virtual private networks (VPNs) and mobile device management (MDM) software that can thwart a phishing attack. Conducting phishing tests also allows you to gauge and improve your company’s preparedness against phishing scams.

Related reading: Phishing tests: What they are and why your organization needs them

2. There is a general state of cybersecurity unreadiness

In VMware’s most recent Canada Security Insights Report, 56% of Canadian security leaders stated that they fear a breach in 2021. However, less than a third of companies have updated their policies, approaches, and technologies to mitigate risk. This puts over 70% of businesses defenceless against the 10 biggest cyberthreats of the year, which include phishing, ransomware, polyglot files, malvertising, and Internet of Things attacks.

What to do?

Adopting a proactive cybersecurity stance can help mitigate the risks of cyberattacks. Instead of waiting for security incidents to occur before acting on them, deploy security measures that will prevent cybercriminals from infiltrating your systems in the first place. One of the most critical steps in preparing your systems for a cyberattack is undergoing a comprehensive cybersecurity risk assessment, which allows you to preemptively identify security weaknesses and correct them before they are exploited.

3. The cost of data breaches is increasing

The global cost of data breaches in 2021 is expected to reach USD 6 trillion annually — twice what they cost back in 2015. For instance, high-profile breaches like that which hit Facebook in April cost about USD 3.7 billion (CAD 4.64 billion). It’s well worth noting that data breach costs are directly proportional to the number of employees an organization has. This means that cyberattack-related expenses will definitely be lower for SMEs, but there’s no saying that the cost will not be enough to shut their doors for good.

What to do?

Having an updated incident response plan can lower the average cost of a data breach by as much as USD 1.23 million (CAD 1.54 million), thus potentially saving your organization from financial ruin. At its core, an incident response plan is about following a set of protocols that will help your business detect, respond to, and recover from network security incidents. These instructions also detail each employee’s specific responsibilities and tasks to create a workforce continuity plan that will limit downtime and enable critical network and data recovery processes.

Keep your data protected all year round with XBASE Technologies’ Exponentially Better™ services. From cybersecurity to disaster recovery to strategic consulting, we’ve got you covered. Strengthen your cyber defences today — call us at 647-697-7710 or send us a message.