According to the most recent EY 2023 Cybersecurity Leadership Insights study, 81% of Canadian companies have averaged 25 Security in the past year....
I have not been able to see the entire report yet but find it hard to believe that 81% of Canadian Companies have had this happen.
If anyone has the study, would you send a link?
d
@dcontesti wrote:...81% of Canadian companies have averaged 25 Security [incidents] in the past year ... hard to believe ...
Will be interesting to see how EY defined "security incident". Guessing it did not establish a minimum business loss (time/money).
Two examples of why this matters: A colleague's highly privileged account was used 120 miles from our office. IR team called; the colleague confirmed attended to a break/fix call while visiting that location.
And, a few weeks ago, our SIEM flagged a command I ran as an IOC. IR team calls, confirms it was me, that this fits within my role, and then whitelisted the command for my team.
In both cases, something unusual was observed, a incident ticket was created and there was an of investment of time to investigate and resolve. Both tickets show 1 hour and 0 dollars, so they will be included in our workload metrics, but not in the business-facing reports.