Two-thirds of Canadian companies say they are losing the war on cyber security

Number of attacks per year on the rise for third year in a row; malware, ransomware, spear fishing, and botnet attacks expected to increase in 2017

TORONTO, Feb. 9, 2017 /CNW/ - The number, sophistication, and severity of cyber-attacks on companies in Canada are each on the rise, according to the findings of a new study from Scalar Decisions Inc. of more than 650 Canadian IT and security workers.

Released today, the 2017 Scalar Security Study (commissioned by Scalar and independently by Ponemon Institute) showed that confidence continues to decline among Canadian organizations for the third year in a row as fewer believe they are winning the quickly-evolving war on security. The average number of reported cyber-attacks on Canadian organizations rose to an average of 44 attacks per year, up nearly 30% since the initial survey in 2014. The vast majority of respondents also report that both the severity (81%) and sophistication (72%) of attacks are increasing.

"IT leaders are under pressure right now, feeling like there is a deficit of properly trained personnel available in the workforce. This has led to a distinct lack of in-house expertise, which is critical to a strong cyber security posture for Canadian companies," said Ryan Wilson, Chief Technology Officer, Security, Scalar Decisions. "The increase in incidents and decreasing confidence we are seeing coincides with the growing sophistication, severity, and cost of attacks."

The study, examining the cyber security readiness of Canadian organizations and year-over-year trends in handling and managing growing cyber threats, also found:

  • 41 per cent of respondents indicated their organization had systems in place to deal with APT's (advanced persistent threats), up from 38 per cent last year.
  • The most frequent compromise continue to be web-borne malware attacks (76%) followed by rootkits (67%).
  • Threats on the rise for 2017 including spear phishing, exploits of existing software vulnerability greater than three months old, and botnet attacks.
  • Among some of the biggest threats there have been slight decreases in web-borne malware attacks, APTs, clickjacking, exploits of existing software vulnerability less than three months old and zero day attacks since 2016.
  • Mobile devices (75%) and third party applications (70%) were identified as the greatest potential risks threatening their company's IT environment.
  • Negligent third party risk has increased significantly since last year along with negligent insider risk.
  • Only 21 per cent of respondents faced with ransomware report incidents to law enforcements, with the most common reaction currently being to simply pay the ransom.
  • On average, organizations represented in this study spent approximately $7.2 million on the following to remediate cyber security compromises: clean up or remediation ($873,448), lost user productivity ($963,663), disruption to normal operations ($1.2 million), damage or theft of IT assets and infrastructure ($1.7 million) and damage to reputation and marketplace image ($2.5 million).


"The overall picture being painted by the study's results is the need for enterprise-wide adoption of cyber security strategy, and the investment in both technologies and individuals with hands-on experience," added Wilson. "Organizations need trained personnel who understand how to react when faced with threats such as ransomware, spear fishing, and increasing incidents of rootkits."

About the 2017 Scalar Security Study
All responses were captured in October 2016 via a web-based survey conducted by Ponemon Institute. The final sample was 658 respondents from a sampling frame of IT and IT security practitioners located in Canada.  Respondents came from a wide variety of industries, with almost 54% working at companies with an employee count between 251 and 5,000. The majority of respondents reported their position as at or above the supervisory level.

The full study can be downloaded at

About Scalar Decisions
Scalar is Canada's leading IT solutions provider, focused on security, infrastructure, and cloud. Founded in 2004, Scalar is headquartered in Toronto, with offices in Montreal, Ottawa, London, Winnipeg, Calgary, Edmonton, and Vancouver. Scalar was recently named to the CRN Fast Growth Top 150 List and listed on the PROFIT 500 for the seventh year running. In addition, Scalar was deemed a major player in the IDC MarketScape for Canadian managed security service providers and ranked the #1 ICT security company on the 2014 - 2016 editions of the Branham 300. For further details, visit or follow Scalar on Twitter, @scalardecisions.

About Ponemon Institute
Ponemon Institute is dedicated to independent research and education that advances responsible information and privacy management practices within business and government.

SOURCE Scalar Decisions Inc.

For further information: Matt Roth, Kaiser Lachance Communications, 647-725-2520 x 222,

Custom Packages

Browse our custom packages or build your own to meet your unique communications needs.

Start today.

CNW Membership

Fill out a CNW membership form or contact us at 1 (877) 269-7890

Learn about CNW services

Request more information about CNW products and services or call us at 1 (877) 269-7890