2017 scalar security study summary
TRANSCRIPT
![Page 1: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/1.jpg)
The Cyber Security Readiness of Canadian Organizationsresults of the 2017 scalar security study
![Page 2: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/2.jpg)
We surveyed 658 IT and IT security practitioners in Canada with a goal of learning:
Strategies to achieve a stronger cyber security posture How Canadian organizations are responding to growing cyber security threats How much cyber security threats are costing Canadian organizations on an annual basis What technology and methods respondents are using to improve their chances of winning the cyber security war
![Page 3: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/3.jpg)
What you need to know about the current trends in the cyber security
landscape in Canada today.
![Page 4: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/4.jpg)
Canadianorganizationsfaced approximately
44 cyber attacks in the last 12 months.
![Page 5: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/5.jpg)
Canadians are losing the war
on cyber security. Only
34% believe they are winning.
![Page 6: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/6.jpg)
Web-borne malware attacks arethe most frequent type of incidents
that organizations are seeing in their IT networks.
![Page 7: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/7.jpg)
Similar to last year, mobile devices and third party applications are the
most targeted platforms.
![Page 8: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/8.jpg)
The cost of abreach is increasing. On average, organizations
spent 7.2MILLION* in 2016 on cyber security compromises. *compared to $7M in 2015
![Page 9: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/9.jpg)
The Canadian threat landscape is on the rise, so we continue to ask whether organizations are spending enough of
their IT budget on security.
![Page 10: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/10.jpg)
Organizations seem to be making investments in gaining better visibility and control over their IT environments,
including breach response retainers, SIEM, and threat intelligence, however,
no technology is infallible.
![Page 11: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/11.jpg)
Insider threats are on the rise.
44% of respondents say their organizations are not
monitoring individuals who have access to sensitive files and information.
![Page 12: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/12.jpg)
Insider threats are becoming much more prevalent. While the most
likely attacks continue to be criminal syndicates and lone wolf hackers, for
the first time, insider threats were ranked higher than corporate espionage.
![Page 13: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/13.jpg)
Organizations have difficulty preventing cyber attacks from evading intrusion detection (IDS) and anti-virus
(AV) systems.
![Page 14: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/14.jpg)
79% of respondents say their organization’s AV or IDS systems failed to prevent cyber attacks.
![Page 15: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/15.jpg)
For the first time, we asked respondents about their experience
with ransomware.
![Page 16: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/16.jpg)
35% of organizations report having had employees
targeted by ransomware. Only 21% reported the incident to law enforcement.
![Page 17: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/17.jpg)
46% of respondents say their organization experienced a DDoS attack that caused a disruption to business operations and/or system downtime.
![Page 18: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/18.jpg)
So what exactly is the benefit of being considered a high performing
organization?
![Page 19: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/19.jpg)
We’ve concluded that high performing organizations are more likely to
recognize the evolving state of cyber threat in Canada, but also align their
strategy for mitigating these risks to the overall business goals and objectives.
![Page 20: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/20.jpg)
Even though they have a greater
awareness of the cyber security threat landscape,
only 37% of high performing organizations believe
they are winning the war on cyber security.
![Page 21: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/21.jpg)
Here are our final recommendations...
![Page 22: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/22.jpg)
¡Invest in technologies and systems that will reduce growing insider threat, including identifying vulnerabilities through risk assessments and audits¡Recruit individuals with hands-on experience to help lead the organization’s cyber security team¡Engage in threat sharing intelligence to increase the ability to proactively deal with the sophistication and severity of cyber threats¡APT-related incidents are on the rise, this should influence IT security planning by including effective strategies to protect vulnerabilities via the web, email, and endpoints
![Page 23: 2017 Scalar Security Study Summary](https://reader035.vdocuments.mx/reader035/viewer/2022062504/5a6d5de87f8b9a16428b5471/html5/thumbnails/23.jpg)
Interested in learning more?
Download the full study at:scalar.ca/scalar-security-study-2017/