2024: Cyber attacks are not a question of if, but when.
Key findings
Cybersecurity in the news
Just over 4-in-10 (43 per cent) respondents say their organization has made changes to its cybersecurity approaches in response to news about major cyber attacks.
Ransomware
Over one quarter (28 per cent) of cyber professionals report that their organization has been the victim of a successful ransomware attack in the last 12 months, up from 17 per cent in 2021. Of those, 79 per cent indicate that the organization paid ransom demands.
Reputational damage
28 per cent report damage to their organization’s reputation as an impact, compared to only six per cent in 2018 and 19 per cent in 2022.
The AI threat
7-in-10 (70 per cent) are worried about potential cyber threats from generative AI. Organizations are most concerned about data gathered by AI tools (61 per cent) and improved phishing emails and texts (56 per cent).
The AI advantage
More than half (57 per cent) say their organization has integrated AI tools into its workflow and operations, up from 44 per cent in 2023.
Who's attacking whom
Organizations are most likely to perceive profit-motivated cyber criminals as the biggest potential threat (60 per cent), followed by cyber criminals motivated by nationalist beliefs (33 per cent) and foreign state actors (32 per cent).
About the survey
The 2024 CIRA Cybersecurity Survey was conducted by The Strategic Counsel in August of 2024. It collected 500 online responses from cybersecurity decision-makers across Canada. The goal was to identify industry trends in perceptions and attitudes.
You can find the full survey results and a summary of the findings below.
Executive summary
The old adage that there are two certainties in life—death and taxes—is overdue for a revision. Based on the results of the 2024 CIRA Cybersecurity Survey, in which 44 per cent of Canadian organizations reported experiencing a cyber attack in the last 12 months, we can confidently add cyber attacks to this list.
The good news is that the survey results reveal that most Canadian organizations across the public, private and MUSH sectors (municipalities, universities, schools, and hospitals) understand the consequences of inaction when it comes to cybersecurity preparedness—and are stepping up to the plate.
Risk
This year’s survey finds that organizations in every sector are acutely aware of the risks associated with different forms of cyber crime. The top three perceived risks identified by cybersecurity professionals are malicious software (50 per cent), scams and fraud (45 per cent) and manipulation or theft of data (43 per cent).
Among the array of bad actors out there—and there are many—profit-motivated cyber criminals are most likely to be perceived as the biggest potential threat (60 per cent), followed by cyber criminals motivated by nationalist beliefs (33 per cent) and foreign state actors (32 per cent).
Another growing area of concern for cybersecurity professionals is the potential weaponization of generative AI by malicious profit-motivated and geopolitical cyber actors; 70 per cent of respondents say they’re worried about the impact that more sophisticated and damaging AI-powered attacks could have on their data and operations.
Resources and preparedness
Facing a rapidly evolving threat landscape, Canadian organizations continue to be proactive in raising their level of preparedness. More than eight in 10 (83 per cent) say they have a cyber incident response plan in place and 98 per cent conduct cybersecurity awareness training. As well, 82 per cent of organizations now have cybersecurity insurance coverage, which represents a 23-point increase from our 2021 survey.
They’re also making significant changes to their operations. More than three quarters of those surveyed (76 per cent) indicate that the human resources their organization devotes to IT systems management have increased in the past 12 months, and 74 per cent report that the financial resources allocated in these critical areas have increased as well.
Ransomware and other incidents
Ransomware remains a top threat for Canadian organizations with more than a quarter (28 per cent) saying they’ve been the victim of a successful ransomware attack in the last 12 months. This figure has grown significantly since 2021, when just 17 per cent of organizations reported being victimized by this type of cyber attack.
Ransomware has proven to be very damaging for Canadian organizations. Almost three quarters (73 per cent) of those that experienced a ransomware attack say that their data was exfiltrated. Almost eight in 10 organizations (79 per cent) that experienced a ransomware attack paid the attackers’ ransom demands, up from 70 per cent in CIRA’s 2023 survey. For organizations that chose to pay up, the typical cost was at least $25,000.
Recovery and reputational damages
Recovering from a cyber attack presents numerous challenges for Canadian organizations in every sector. Among those who fell victim to an attack in the last 12 months, almost three quarters (72 per cent) say it took under a month to recover their IT systems to pre-incident capacity and about half (52 per cent) say it took less than a week.
As for stolen or compromised data, most organizations say it took under a month to recover, and 41 per cent say it took less than a week. Reputational damage continues on an upward trend with 28 per cent of organizations citing it as an impact of a successful attack compared to just six per cent in 2018.
CIRA Cybersecurity services
CIRA has leveraged its experience managing a network of over 3 million .CA domains to develop a suite of enterprise-grade cybersecurity products—made by Canadians, for Canadians:
- CIRA DNS Firewall: a cloud-based cybersecurity solution that protects organizations from malware, ransomware, phishing and other cyber attacks.
- CIRA Canadian Shield: a free cybersecurity service that improves privacy by anonymizing DNS queries. The non-commercial tool helps Canadian households block viruses, ransomware and other malware.
- CIRA Cybersecurity Awareness Training: an integrated courseware and phishing simulation platform that enables organizations to educate their staff on how to protect themselves from cyber risks like social engineering and ransomware.
You can learn more about CIRA Cybersecurity services here.
