According to research conducted by IBM — which reports that over 90 percent of data breaches stem from malicious attacks — the average cost of a single data breach, when measured globally, is $3.86 million USD. IBM’s research also revealed that today’s cyber fraudsters are much stealthier, meaning it will take longer for organizations to both detect and contain malicious attacks. These are risks even the savviest companies need to recognize and prepare for.

Reassuringly, cybersecurity is increasingly being regarded as a top priority for Canadian firms. A recent survey by CDW Canada revealed that Canadian businesses are most concerned about email security, ransomware protection, and intrusion prevention. The concerns shouldn’t be surprising after a summer in which the Town of Wasaga Beach, the Quebec Taxi Intermediary Reunion, and health care provider CarePartners, all fell victim to high profile cyber attacks.

Plugging company-wide information gaps

“Most companies understand that cyber attacks are an issue, but many are struggling to understand the details of the attacks and how to deal with them, especially smaller organizations without the resources to properly identify, articulate, and understand their threats and vulnerabilities,” says Bell Canada’s Chief Information Security Officer, Marc Duchesne, who serves as Chairman of the Board for the Canadian Cyber Threat Exchange (CCTX).

For many organizations, there’s still a disconnect between IT departments that are tuned into emerging threats and C-suite executives who lack the technical background to understand the true nature and scope of those threats. According to Robert Gordon, Executive Director of the CCTX, this is an important issue that must be addressed, since a cyberattack is a threat to an entire business — not just the IT department.

“This is a whole-of-business issue, without question,” says Gordon. “Any assessment of risk related to an IT threat should be conducted by the business unit as it’s essential to understand the value of your data from a business perspective.”

Helping Canada guard against cyber attacks

Launched in 2016, the CCTX helps Canadian businesses guard against cyber attacks. As an independent, non-profit organization, it provides its members with analysis of cybersecurity issues and acts as a point of contact for cyber information-sharing organizations in other countries, while facilitating information sharing amongst Canadian organizations in a secure environment.

"The main reason behind the creation of the CCTX was to enable businesses to share information regarding cyber threats and responses,” says Duchesne. “The founding members wanted to both enhance their own capabilities, and also help protect small- and medium-sized businesses, who happen to be an important part of their supply chains, from criminals and hackers."

“Collaboration is the foundation of effective cyber resiliency,” says Scott Jones, Head of the recently-announced Canadian Centre for Cyber Security (which will be part of the Communications Security Establishment). “Our partnership with CCTX provides a valuable network to share vital cybersecurity information across multiple sectors in an efficient and effective way.”

C-suite executives from some of Canada’s leading finance, telecommunications, insurance, transportation, and energy companies were founding members of the organization.

“Cybersecurity is not just for organizations that possess valuable intellectual property or sensitive personal data,” says Gordon. “If you have information that’s of value to you and your organization, it’s worthwhile for somebody to try to steal it from you or to deny you access to it.”

With a focus on information sharing and collaboration, the CCTX continues to work tirelessly to provide Canadian companies with access to the latest threat intelligence to improve their cyber resilience in today’s changing digital economy.