Chances are good that neither you nor your competitors are letting data inform your cyber risk management.
Fewer than two in five Canadian survey respondents (one in three globally) say they’ve integrated analytics and security intelligence tools into their cyber operating model.
These Canadian respondents scored lowest in their ability to turn data into insights for threat modelling, scenario building and predictive analysis—all critical technologies for smart cybersecurity decisions.
So many entities fail to benefit from today’s advanced intelligence tools and approaches. New types of internal data, data from new external sources, new data partnerships and information-sharing platforms can be important sources of security intelligence, but only about a quarter of respondents say they’re reaping benefits from these tools.
The other three-quarters are missing out. Businesses predicting an increase next year in their cybersecurity spending are in many cases the same enterprises whose operational models use security intelligence and data analytics. Data can not only help you spend your cyber budget wisely, but it can also help you get more to work with. The most improved (top 10% in cyber outcomes) global organizations are 18x more likely to state that these advanced approaches are integral to their operating model—a scenario we frequently see in Canada as well.
Percentage who say these are integral to their operating model today:
Percentage who report realizing benefits from these tools and approaches:
“In today’s system-of-systems world, cybersecurity can no longer be treated as a ‘too-hard-to-measure’ problem,” the US Cybersecurity & Infrastructure Security Agency argues. Still, as we saw above, only 30% of Canadian organizations quantify cyber risks today (26% globally).
The data you use to spot and understand threats, put a dollar figure on risks, prioritize them and predict cybercrime trends can be a powerful tool for convincing boards and the CEO to invest in your cyber program. On the other hand, if you’re having trouble getting the funding you need for cyber, you may need to do a better job of quantifying your cybersecurity risk.
By the same token, data can help you stay apprised of real-time risks and adjust security tactics and strategies as the business shifts. Globally, respondents in five business sectors said the most important reason to quantify cyber risk is “to continuously evaluate our risk landscape and priorities against changing business objectives.” Enterprise leaders recognize that risks are always in a state of flux and that data is the tool that lets them monitor and measure changes.
Sizing up risks is also important for sizing up opportunities and linking cyber-threat narratives to business narratives that the C-suite and boards can understand. A growing number of Canadian organizations recognize the importance of cybersecurity to business—but many still have a long way to go. Between 33% and 49% claim “significant progress” linking the two (37% and 42% globally), while 9% to 16% say they’ve made little or no progress aligning cyber and business goals (16% to 18% globally).
| Reason to quantify cyber risk | Canadian rank | Global rank |
|---|---|---|
| To help evaluate and communicate risks in line with a defined risk tolerance | 1 | 3 |
| To provide information on the return on security investments | 2 | 9 |
| To measure the contribution of our security capabilities to risk mitigation | 3 | 4 |
| To identify and justify improvements to, or transformation in, protective capabilities | 4 | 2 |
| To continuously evaluate our risk landscape and priorities against changing business objectives | 7 | 1 |
Our Canadian respondents do make predictions about the next 12 months. Seventy percent expect an increase in cybercrime (60% globally), and 55% say nation-state attacks are likely to grow (53% globally). Mobile, the Internet of Things and cloud top the list of anticipated targets. But the type of attack could take almost any form, in our respondents’ minds.
Ransomware (23% in Canada; 21% globally) narrowly edged out compromised business email (22% in Canada; 20% globally), cloud service attacks (22% in Canada and globally) and disinformation (22% in Canada; 19% globally) as most likely to see significant increases. And a long line of other attack types scored between 10% and 21%. Notably, 54% expect a rise in breaches via their software supply chain (56% globally), with 19% of Canadian and global respondents eyeing significant increases.