Data Breaches Costing Canadian Companies, Banks More Than Ever

IBM Security has released the results of its annual Cost of a Data Breach report, with 25 Canadian breaches included in the 2022 study.

The study, which analyzed real-world data breaches experienced by 550 organizations globally over the past year, found that Canada recorded the third highest average cost of a data breach worldwide.

IBM found that data breaches are now costing Canadian companies CAD $7.05 million per incident on average, an all-time high and a sharp increase from last year’s CAD $6.75 million.

“The sad truth is Canadians working from home are compromising security. Whether they are accessing company data from an unsecured network, using a weak password, or falling for a phishing scam, people are unknowingly opening up their organizations to attackers,” says IBM Canada’s Evan O’Regan.

Top Canadian findings include the following:

• Bank Breaches Most Expensive: Financial sector companies are paying the highest cost for data breaches in Canada at a whopping CA$520 per record (The national average? CA$298 per record)
• Stolen Credentials: Hackers’ Choice: Stolen or compromised user credentials were again the most common breach method and costliest attack type in Canada, leading to CA$8.86 million in average breach cost
• Zero Trust Pays Off: Canadian companies with mature zero trust adoption saw CA$3.79 million lower breach costs than organizations with only early adoption of zero trust

The report also shows that 45% of studied breaches occurred in the cloud, emphasizing the importance of cloud security.