Latest news with #DainaProctor
CTV News
30-07-2025
- Business
- CTV News
Costs of data breaches dropping globally but not in Canada: IBM study
The uOttawa-IBM Cyber Range at the University of Ottawa, in Ottawa, is seen on Wednesday, May 22, 2024. THE CANADIAN PRESS/Justin Tang TORONTO — A new report shows the global average cost of a data breach dropped for the first time in five years — but not in Canada. The average cost of a breach between March 2024 and February 2025 was $6.4 million, down from $6.6 million a year earlier, showed research released Wednesday from technology giant IBM and the Ponemon Institute, a U.S.-based cybersecurity research centre. While global costs are decreasing because of shorter breach life cycles, expenses related to these attacks have risen in Canada, IBM Canada's security delivery leader Daina Proctor said. The average cost of a Canadian breach soared 10.4 per cent to $6.98 million in the latest year studied from $6.32 million the year before. Canada's average is higher because detection and escalation costs, which cover forensic investigators, regulatory responses, legal counsel and crisis communications, have risen, Proctor said. Detection costs now average $470,000 in Canada, while post-breach recovery costs hover around $270,000. At the same time, Canada is facing rising costs because of 'slower adoption of AI-driven defences and governance gaps,' Proctor said in an email. In the last year, cybersecurity issues have been reported at Nova Scotia Power, the College of New Caledonia in Prince George, B.C., and PowerSchool, the maker of education software used by many Canadian schools. Breaches can be expensive because they can be difficult to detect and assessing and recovering from them can be tedious, time-consuming work requiring many professionals and sometimes, interruptions for customers and workers. Most countries have seen fees associated with a breach drop because it's taking less time to investigate breaches. Yet several countries including Canada bucked that trend. IBM and Ponemon's research showed the cost of data breaches also rose in the U.S., India, the Association of Southeast Asian Nations and Benelux — the economic union of Belgium, the Netherlands and Luxembourg. Average breach costs in the United States reached a record US$10.22 million, an increase of nine per cent from last year. When it analyzed 600 organizations impacted by data breaches, it found the most expensive attacks hit the health care sector, followed by the financial, industrial and energy industries. In many instances, hackers made use of shadow artificial intelligence — when workers use AI without employer approval or oversight. 'Shadow AI has become one of the biggest blind spots for organizations today,' Proctor said. 'Employees are adopting AI tools to boost their productivity, but without oversight, they are inadvertently creating vulnerabilities.' Shadow AI systems often process sensitive data and interact with external systems companies have no control over. 'Once attackers exploit these gaps, the cascading effects can expose entire systems and supply chains to significant breaches,' Proctor said. Twenty per cent of the organizations studied said they suffered a breach due to security incidents involving shadow AI. Global organizations with high levels of shadow AI said use of this technology added $967,011 to the average breach price tag compared to those that had low levels of shadow AI or none. Incidents involving shadow AI also resulted in more personal identifiable information and intellectual property being compromised. To address the risks associated with shadow AI, Proctor said companies need to give workers more approved AI tools and conduct regular audits to find gaps in their offerings and employee compliance. This report by The Canadian Press was first published July 30, 2025. Tara Deschamps, The Canadian Press
Yahoo
30-07-2025
- Business
- Yahoo
Costs of data breaches dropping globally but not in Canada: IBM study
TORONTO — A new report shows the global average cost of a data breach dropped for the first time in five years — but not in Canada. The average cost of a breach between March 2024 and February 2025 was $6.4 million, down from $6.6 million a year earlier, showed research released Wednesday from technology giant IBM and the Ponemon Institute, a U.S.-based cybersecurity research centre. While global costs are decreasing because of shorter breach life cycles, expenses related to these attacks have risen in Canada, IBM Canada's security delivery leader Daina Proctor said. The average cost of a Canadian breach soared 10.4 per cent to $6.98 million in the latest year studied from $6.32 million the year before. Canada's average is higher because detection and escalation costs, which cover forensic investigators, regulatory responses, legal counsel and crisis communications, have risen, Proctor said. Detection costs now average $470,000 in Canada, while post-breach recovery costs hover around $270,000. At the same time, Canada is facing rising costs because of "slower adoption of AI-driven defences and governance gaps," Proctor said in an email. In the last year, cybersecurity issues have been reported at Nova Scotia Power, the College of New Caledonia in Prince George, B.C., and PowerSchool, the maker of education software used by many Canadian schools. Breaches can be expensive because they can be difficult to detect and assessing and recovering from them can be tedious, time-consuming work requiring many professionals and sometimes, interruptions for customers and workers. Most countries have seen fees associated with a breach drop because it's taking less time to investigate breaches. Yet several countries including Canada bucked that trend. IBM and Ponemon's research showed the cost of data breaches also rose in the U.S., India, the Association of Southeast Asian Nations and Benelux — the economic union of Belgium, the Netherlands and Luxembourg. Average breach costs in the United States reached a record US$10.22 million, an increase of nine per cent from last year. When it analyzed 600 organizations impacted by data breaches, it found the most expensive attacks hit the health care sector, followed by the financial, industrial and energy industries. In many instances, hackers made use of shadow artificial intelligence — when workers use AI without employer approval or oversight. 'Shadow AI has become one of the biggest blind spots for organizations today," Proctor said. "Employees are adopting AI tools to boost their productivity, but without oversight, they are inadvertently creating vulnerabilities." Shadow AI systems often process sensitive data and interact with external systems companies have no control over. "Once attackers exploit these gaps, the cascading effects can expose entire systems and supply chains to significant breaches," Proctor said. Twenty per cent of the organizations studied said they suffered a breach due to security incidents involving shadow AI. Global organizations with high levels of shadow AI said use of this technology added $967,011 to the average breach price tag compared to those that had low levels of shadow AI or none. Incidents involving shadow AI also resulted in more personal identifiable information and intellectual property being compromised. To address the risks associated with shadow AI, Proctor said companies need to give workers more approved AI tools and conduct regular audits to find gaps in their offerings and employee compliance. This report by The Canadian Press was first published July 30, 2025. Tara Deschamps, The Canadian Press Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Cision Canada
30-07-2025
- Business
- Cision Canada
IBM Report: Canadians' Data Security Under Increased Threat, While Breach Costs Surge Français
AI Can Help Businesses Save Millions and Protect Consumer Data Canadian businesses are losing CA$6.98 million on average to data breaches, with impacts trickling down to consumers. Shadow AI is driving up risks, adding CA$308,000 per breach for Canadian businesses and increasing the likelihood of sensitive data exposure. Adopting security AI and automation extensively reduced breach costs to CA$5.19 million, compared to CA$8.53 million for those organizations not using these technologies. MARKHAM, ON, July 30, 2025 /CNW/ -- Data breaches in Canada are becoming more costly and complex, with organizations paying an average of CA$6.98 million per breach in 2025, according to the latest IBM Cost of a Data Breach Report. This represents a 10.4% increase from CA$6.32 million in 2024, reflecting the growing financial impact of security incidents. Among the report's findings is the rise of unsanctioned AI– known as Shadow AI – which amplify risks, escalate costs, and expose sensitive consumer data. Often introduced by employees using unapproved AI systems, shadow AI creates vulnerabilities and compliance issues for businesses. The report emphasizes the critical role of security AI and automation in reducing breach costs and improving detection efficiency. Organizations extensively using security AI and autonomation report average breach costs of CA$5.19 million, compared to CA$8.53 million for those not using these tools. Additionally, these technologies helped organizations achieve faster detection and containment, shortening breach lifecycles by 59 days for those using them extensively. "Cybersecurity isn't just about protecting data — it is about protecting your business's bottom line and reputation," said Daina Proctor, Security Delivery Leader, IBM Canada. "This report shows that organizations using AI and automation are saving millions and detecting breaches much faster, but gaps in AI security and governance, like the use of shadow AI, are leaving businesses exposed to unnecessary risks. By investing in AI tools and building clear AI policies, companies can take control of their security and stay ahead of emerging threats." Key Findings in Canada for 2025 Overexposed AI: One in three Canadian businesses reported not having access controls on AI systems, positioning them as easy, high-value targets. Shadow AI Risks: The use of shadow AI was also found to be a top breach cost driver for Canadian businesses, with breaches involving shadow AI increasing costs by $308,000. Phishing Scams: The most common initial attack vector, phishing scams cost Canadian organizations an average of CA$7.91 million per breach, a 24% increase from CA$6.38 million in 2024. Industry Impacts: The financial sector leads breach costs at CA$9.97 million in 2025, a 7.4% increase from CA$9.28 million in 2024, reflecting the high sensitivity and value of financial data. Pharmaceutical breaches cost CA$7.99 million, incidents across this sector have the potential to expose intellectual property and delay treatments by impacting supply. Breaches in the industrial sectors cost an average of CA$8.39 million, as these organizations have a low tolerance for downtime, making them easy targets for attackers. How AI is Transforming Cybersecurity Operations The report highlights that organizations extensively adopting AI and automation across their security operations centre (SOC) see significant financial benefits. AI tools automate manual cybersecurity tasks, including across threat detection and response, allowing security teams to focus on higher-priority initiatives. Security automation accelerates response times and reduces the impact of breaches. Organizations using these tools extensively reported faster breach identification, with the Mean Time to Identify (MTTI) reduced to 118 days, compared to 162 days for organizations not using these technologies. What It Means for Canadians Data breaches are not just a corporate issue – they affect everyone. When organizations lose millions to cyberattacks, it impacts Canadians through: Higher Costs for Goods and Services: Businesses often pass on breach costs to consumers by increasing the prices of their goods or services. Stolen Personal Data: Breaches frequently expose personal information, including banking details, health records, and more. Service Disruptions: Breaches can lead to delays in shipments, cancelled appointments, and interruptions in critical services. Recommendations for Canadian Businesses Govern and Secure AI Systems: Develop policies to manage the use of AI, prevent shadow AI, and ensure compliance with privacy laws. Invest in Security Automation: Use AI tools to detect and contain breaches faster. Connect security for AI and governance for AI: Investing in integrated security and governance software can help organizations automatically discover and govern shadow AI. Expand Employee Training: Strengthen security awareness programs to minimize human error. Additional sources: Media Contact Lorraine Baldwin IBM Canada Communications [email protected]
Winnipeg Free Press
30-07-2025
- Business
- Winnipeg Free Press
Costs of data breaches dropping globally but not in Canada: IBM study
TORONTO – A new report shows the global average cost of a data breach dropped for the first time in five years — but not in Canada. The average cost of a breach between March 2024 and February 2025 was $6.4 million, down from $6.6 million a year earlier, showed research released Wednesday from technology giant IBM and the Ponemon Institute, a U.S.-based cybersecurity research centre. While global costs are decreasing because of shorter breach life cycles, expenses related to these attacks have risen in Canada, IBM Canada's security delivery leader Daina Proctor said. The average cost of a Canadian breach soared 10.4 per cent to $6.98 million in the latest year studied from $6.32 million the year before. Canada's average is higher because detection and escalation costs, which cover forensic investigators, regulatory responses, legal counsel and crisis communications, have risen, Proctor said. Detection costs now average $470,000 in Canada, while post-breach recovery costs hover around $270,000. At the same time, Canada is facing rising costs because of 'slower adoption of AI-driven defences and governance gaps,' Proctor said in an email. In the last year, cybersecurity issues have been reported at Nova Scotia Power, the College of New Caledonia in Prince George, B.C., and PowerSchool, the maker of education software used by many Canadian schools. Breaches can be expensive because they can be difficult to detect and assessing and recovering from them can be tedious, time-consuming work requiring many professionals and sometimes, interruptions for customers and workers. Most countries have seen fees associated with a breach drop because it's taking less time to investigate breaches. Yet several countries including Canada bucked that trend. IBM and Ponemon's research showed the cost of data breaches also rose in the U.S., India, the Association of Southeast Asian Nations and Benelux — the economic union of Belgium, the Netherlands and Luxembourg. Average breach costs in the United States reached a record US$10.22 million, an increase of nine per cent from last year. When it analyzed 600 organizations impacted by data breaches, it found the most expensive attacks hit the health care sector, followed by the financial, industrial and energy industries. In many instances, hackers made use of shadow artificial intelligence — when workers use AI without employer approval or oversight. 'Shadow AI has become one of the biggest blind spots for organizations today,' Proctor said. 'Employees are adopting AI tools to boost their productivity, but without oversight, they are inadvertently creating vulnerabilities.' Shadow AI systems often process sensitive data and interact with external systems companies have no control over. 'Once attackers exploit these gaps, the cascading effects can expose entire systems and supply chains to significant breaches,' Proctor said. Twenty per cent of the organizations studied said they suffered a breach due to security incidents involving shadow AI. Global organizations with high levels of shadow AI said use of this technology added $967,011 to the average breach price tag compared to those that had low levels of shadow AI or none. Incidents involving shadow AI also resulted in more personal identifiable information and intellectual property being compromised. To address the risks associated with shadow AI, Proctor said companies need to give workers more approved AI tools and conduct regular audits to find gaps in their offerings and employee compliance. This report by The Canadian Press was first published July 30, 2025.
Hamilton Spectator
30-07-2025
- Business
- Hamilton Spectator
Costs of data breaches dropping globally but not in Canada: IBM study
TORONTO - A new report shows the global average cost of a data breach dropped for the first time in five years — but not in Canada. The average cost of a breach between March 2024 and February 2025 was $6.4 million, down from $6.6 million a year earlier, showed research released Wednesday from technology giant IBM and the Ponemon Institute, a U.S.-based cybersecurity research centre. While global costs are decreasing because of shorter breach life cycles, expenses related to these attacks have risen in Canada, IBM Canada's security delivery leader Daina Proctor said. The average cost of a Canadian breach soared 10.4 per cent to $6.98 million in the latest year studied from $6.32 million the year before. Canada's average is higher because detection and escalation costs, which cover forensic investigators, regulatory responses, legal counsel and crisis communications, have risen, Proctor said. Detection costs now average $470,000 in Canada, while post-breach recovery costs hover around $270,000. At the same time, Canada is facing rising costs because of 'slower adoption of AI-driven defences and governance gaps,' Proctor said in an email. In the last year, cybersecurity issues have been reported at Nova Scotia Power, the College of New Caledonia in Prince George, B.C., and PowerSchool, the maker of education software used by many Canadian schools. Breaches can be expensive because they can be difficult to detect and assessing and recovering from them can be tedious, time-consuming work requiring many professionals and sometimes, interruptions for customers and workers. Most countries have seen fees associated with a breach drop because it's taking less time to investigate breaches. Yet several countries including Canada bucked that trend. IBM and Ponemon's research showed the cost of data breaches also rose in the U.S., India, the Association of Southeast Asian Nations and Benelux — the economic union of Belgium, the Netherlands and Luxembourg. Average breach costs in the United States reached a record US$10.22 million, an increase of nine per cent from last year. When it analyzed 600 organizations impacted by data breaches, it found the most expensive attacks hit the health care sector, followed by the financial, industrial and energy industries. In many instances, hackers made use of shadow artificial intelligence — when workers use AI without employer approval or oversight. 'Shadow AI has become one of the biggest blind spots for organizations today,' Proctor said. 'Employees are adopting AI tools to boost their productivity, but without oversight, they are inadvertently creating vulnerabilities.' Shadow AI systems often process sensitive data and interact with external systems companies have no control over. 'Once attackers exploit these gaps, the cascading effects can expose entire systems and supply chains to significant breaches,' Proctor said. Twenty per cent of the organizations studied said they suffered a breach due to security incidents involving shadow AI. Global organizations with high levels of shadow AI said use of this technology added $967,011 to the average breach price tag compared to those that had low levels of shadow AI or none. Incidents involving shadow AI also resulted in more personal identifiable information and intellectual property being compromised. To address the risks associated with shadow AI, Proctor said companies need to give workers more approved AI tools and conduct regular audits to find gaps in their offerings and employee compliance. This report by The Canadian Press was first published July 30, 2025.
