Cost of data breach up 12 per cent: Survey

Inflation is up for all sorts of products and services, including the cost of a data breach.
The median cost of a data breach to an organization this year was US$2.5 million, according to an EY survey, an increase of 12 per cent over last year.

The numbers are included in the EY 2023 Global Cybersecurity Leadership Insights Study, which polled 500 cyberscurity and C-suite leaders in 25 countries.

Looking at the responses of the 62 Canadian leaders alone, 81 per cent said their organization had experienced at least 25 cybersecurity incidents in the last 12 months. That compared to 73 per cent of all global respondents.

Almost half of Canadian survey respondents said their organization’s main challenge to cybersecurity is difficulty in balancing security and innovation. While emerging technologies hold a lot of promise for businesses looking to bolster their cyber defences, Canadian and global leaders alike rank cloud and IoT as the biggest technology risks in the next five years.

Only one-in-five chief information security officers (CISOs) and C-suite executives in the Canadian survey considered their organization’s cybersecurity to be effective today and well-positioned for tomorrow. Similarly, only 49 per cent of Canadian respondents said they’re satisfied with the C-suite’s integration of cyber into business decisions — quite a bit lower than 58 per cent of their global counterparts.

That indicates Canadian organizations’ cyber approach may be less mature than other jurisdictions, says EY.

“There appears to be a significant gap in how leaders factor cybersecurity into business decisions as a true value driver, which could result in delayed vigilance and potentially disastrous implications,” said Yogen Appalraju, EY Canada cybersecurity leader. “By weaving cybersecurity into the fibre of an organization, emphasizing simplicity and adopting holistic thinking, cyber leaders can reduce risk and improve visibility.”

Using statistical modeling, EY split organizations that agreed to participate in the survey into two groups: Leading organizations with the most effective cybersecurity, called “Secure Creators,” and lower-performing firms called “Prone Enterprises.”

Secure Creators have fewer cyber incidents and are quicker at detecting and responding to incidents. They are also more likely to be satisfied with their cybersecurity approach today (51 per cent vs. 36 per cent) and more likely to feel prepared for the threats of tomorrow (53 per cent vs. 41 per cent).

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer. Former editor of and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs