The importance of having a sophisticated cyber security plan in place is becoming extremely evident as cyber-attacks across Canada, specifically within the financial industry become more frequent. Accenture, an international consulting firm performed a survey that included 124 Canadian security practitioners and found that, “most Canadian companies do not have effective technologies in place to monitor for cyber-attacks and are focused on risks and outcomes that have not kept pace with the threat.” [i]
No matter an organization’s size, cyber-attacks are becoming a “when”, not an “if”. One of the riskiest assumptions for companies to make when addressing their cyber security risk is to assume that they are too small for hackers to target them. According to the Netcetera article, ‘Why Cyber criminals Target Canadian Small and Mid-Size Businesses’ hackers spend a huge chunk of their time targeting multiple small businesses daily asking for smaller ransom amounts that are “reasonable” to owners. This sum adds up quickly, “Hackers are serious about collecting ransom money. Whether the ransom demand is small or large, the amount paid in bitcoin, (a digital currency) is pure profit, untraceable and easy enough to get from a small business owner anxious to retrieve valuable data and keep functioning” [ii].
So, now that we have you well and worried about your business’ cyber security plan let’s talk about how you can be proactive. For a large-scale business, having a highly competent cyber security team in-house is key. However, the cost of an in-house team is not affordable to most small businesses and startups meaning they must get security from their third-party platforms. When utilizing a third-party platform’s resources, always ensure that the business has an infrastructure that is built to protect your data and ask them what their plan is in case of an attack. At Exempt Edge, protecting clients’ data has always been a top priority among our development team which is why when we had a ransomware attack earlier in 2019, we were able to protect our client’s data and not pay the hackers their ransom request.
The perilous decision to move forward without cyber security measures in place has resulted in many companies falling to an attack or going under. Being prepared and not reactionary is the key to your cyber security plan’s success, be that an in-house or third-party solution. The bottom line is, there’s a reason why the OSFI showed that cyber risk was a top issue among institutions and it’s up to your business to develop a strategy that alleviates risk.
Written by Gina Knegt, Digital Marketing and Communication Manager at Exempt Edge Inc.