John Slater, Chief Security Officer at Think On, Inc.
All too often, companies discover the real cost of a cyberattack the hard way. If the right cybersecurity solutions are not deployed immediately following a breach, the potential for loss can rack up tens of millions in lost revenue. But the damages go much deeper, as Indigo Books & Music discovered last month during a highly publicized cybersecurity breach.
The retail giant soon discovered the full impact of the attack. Not only did online orders—which represent 30 percent of Indigo’s revenue—cease immediately, but in-store transactions were limited to cash, and many other customer services were suspended, such as returns and refunds.i Perhaps even more importantly, the cost of repairing the damage to the company’s reputation proved significant.
“If it goes on too much longer, it starts to look like an Indigo problem and not a hacker problem,” said retail analyst Bruce Winder in an interview with the Toronto Star. “They’ll start to ask why the company didn’t prepare for something like this.”ii
It’s a high stakes game and you want to set your company up to win
With the stakes this high, organizations need to plan now to protect their businesses. A next-generation holistic backup and robust disaster recovery solution with ransomware protection can prevent attacks and lock out bad actors—saving millions in revenue due to lost business transactions and ongoing reputational damage.
“They need to understand the solution is taking holistic security seriously—everything from installing multilayered defense-in-depth, DNS hardened firewalls, multifactor authentication, and access control. These are table stakes,” Byron Holland, Chief Executive Officer (CEO) of the Canadian Internet Registration Authority (CIRA) told participants in a Globe and Mail webinar.
As Chief Security Officer (CSO) at ThinkOn, I’ve worked with many partner organizations to secure operations and protect precious data. When a cyberattack is attempted, the relief our partners and our partner’s customers experience, knowing that the right tools are in place and recovery is immediate, is gratifying. We want every organization to experience that peace of mind.
No company wants a data catastrophe
Damage from a ransomware or cyberattack can range from minimal to catastrophic, depending on the company’s ability to absorb the loss. In the case of Empire Company Limited, owner of Canadian grocery giant Sobeys, the cost of a recent breach was estimated at $25 million CAD.iii The Liquor Control Board of Ontario (LCBO) and The Hospital for Sick Children (SickKids) both suffered recent losses due to ransomware and data breaches that jeopardized customer information and payroll procedures, putting their brands at risk long after the breach was discovered.iv
Canadian hospitals store vast amounts of critical medical data and credit information that cybercriminals are eager to hold for ransom. According to Howard Solomon in ITWorld Canada, “Hospitals and clinics have long been targets of hackers who believe the institutions are more willing than others to pay for the return of stolen data,”v
Small to medium-sized businesses sometimes think they aren’t big enough to be a target of attack, but that’s not true, and the consequences can be dire. According to Mandy D’Autremont, Vice President of Marketing Partnerships at the Canadian Federation of Independent Business in an interview with CityNews, “More than half of small businesses close within six months of a cyberattack.”vi
The sad truth is that every organization is at risk of breach. “Every company needs a cybersecurity plan,” said retail industry analyst Lisa Hutcheson in a recent interview with the Toronto Star. “It’s not a matter of if, it’s a matter of when.”vii
Since every organization has different needs, it’s important to take a holistic approach to each client’s technology journey. That way, a “perfect-fit” solution can be created that is cost-effective, easy to use, supported by experts, and able to grow and change with evolving needs.
Keep data and budgets safe
At ThinkOn, we’re enabling our partners to protect organizations in every sector and help their customers navigate through the toughest cyber challenges with innovative and future-proof solutions. It’s a commitment we’re making because we know that securing organizational data ensures safety for people everywhere, and we’ve got the right tools and expertise for the job with our integrated BaaS and DRaaS portfolio.
For many organizations, including medical clinics and hospitals, low budgets and lack of resources make addressing cybersecurity problems difficult, so managing IT costs is paramount. At ThinkOn, we keep budgets in check with reasonable pricing and no ingress, egress, or other hidden charges for BaaS, DRaaS, or any of our other solutions. This can save an organization $2,000 to $8,000 USD when migrating 100 TB of data per month. It’s your data, so why should you experience cost overruns to move it?
Organizations are finding it increasingly difficult to protect their most valuable asset. The risk to all Canadian organizations is on the rise, according to the Canadian Centre for Cybersecurity’s National Cyber Threat Assessment report for 2023–2024viii and Check Point Research reports that, “New data on cyberattack trends cites a 38 percent increase in global attacks in 2022, compared to 2021.”ix
In the U.S. alone, healthcare facilities saw an average of 1,410 weekly cyberattacks per organization in 2022. That represented an 86 percent increase compared to the previous year.x National Defense and other government organizations are also being targeted by foreign entities, according to law enforcement and intelligence agencies.xi
“This is a global problem,” says Craig McLellan, our Founder and CEO at ThinkOn. “But it’s increasingly obvious that Canadian companies are not immune to cyberattack. It’s our mission to protect organizations by helping our resellers create next-generation digital solutions with advanced and proven backup and disaster recovery systems.”
It’s important to be informed and learn more about protecting your data. Check out this case study about the benefits of ransomware-protected BaaS and DRaaS solutions.
Resources
i ctvnews.ca, CTV News, “Indigo risks reputational damage as outage drags on: experts.” https://www.ctvnews.ca/business/indigo-risks-reputational-damage-as-outage-drags-on-experts-1.6275475
ii thestar.com, Toronto Star, Clarrie Feinstein, “Indigo website still down and company likely losing ‘millions’ after cybersecurity attack last week.” https://www.thestar.com/business/2023/02/15/indigo-website-still-down-and-company-likely-losing-millions-daily-after-cyber-incident-last-week.html
iii thestar.com, Toronto Star, Clarrie Feinstein, “Indigo website still down and company likely losing ‘millions’ after cybersecurity attack last week.” https://www.thestar.com/business/2023/02/15/indigo-website-still-down-and-company-likely-losing-millions-daily-after-cyber-incident-last-week.html
iv Ibid
v itworldcanada.com, ITWorld Canada, Howard Solomon, “Management, lack of money blamed for poor cybersecurity at Canadian hospitals.” https://www.itworldcanada.com/article/management-lack-of-money-blamed-for-poor-cybersecurity-at-canadian-hospitals/527412
vi ottawa.citynews.ca, CityNews, Burt Bundale, The Canadian Press, “Indigo cyberattack highlights mounting prevalence, sophistication of hackers: experts.” https://ottawa.citynews.ca/local-news/indigo-cyberattack-highlights-mounting-prevalence-sophistication-of-hackers-experts-6535023
vii thestar.com, Toronto Star, Clarrie Feinstein, “Indigo website still down and company likely losing ‘millions’ after cybersecurity attack last week.” https://www.thestar.com/business/2023/02/15/indigo-website-still-down-and-company-likely-losing-millions-daily-after-cyber-incident-last-week.html
viii Cyber.gc.ca, National Cyber Threat Assessment, 2023-2024. https://cyber.gc.ca/sites/default/files/ncta-2023-24-web.pdf
ix Securitymagazine.com, Security Magazine, Joy LePree Anderson, “Global cyberattacks increased 38% in 2022.” https://www.securitymagazine.com/articles/98810-global-cyberattacks-increased-38-in-2022
x Ibid
xi itworld.canada.com, ITWorld Canada, Howard Solomon, “U.S., South Korea issue alert on North Korean-based ransomware groups.” https://www.itworldcanada.com/article/u-s-south-korea-issue-alert-on-north-korean-based-ransomware-groups/526649]