Cyberattacks are Fewer in Number but Smarter in Strategy, Says CDW Canada Study
CDW Canada has released its annual Canadian Cybersecurity Study revealing significant trends in cybersecurity landscape. While cyberattacks have decreased in frequency, their impact has intensified, with 87% of Canadian organizations reporting security incidents and experiencing an average downtime of 14 days.
The study highlights challenges in Generative AI adoption, with organizations conducting an average of 17 GenAI proof-of-concepts, but only 28% successfully transitioning to production. Major barriers include data privacy concerns (64%), skills shortages (57%), and system integration complexities (44%).
The research also reveals that 61% of Canadian organizations report public cloud environments as most impacted by cyberattacks. Organizations with annual security testing reported fewer infiltrations and breaches. Additionally, 41% of organizations have adopted Managed Detection and Response (MDR) services, with 37% planning future adoption.
CDW Canada ha pubblicato il suo studio annuale sulla cybersicurezza canadese, rivelando tendenze significative nel panorama della cybersicurezza. Sebbene la frequenza degli attacchi informatici sia diminuita, il loro impatto si è intensificato, con l'87% delle organizzazioni canadesi che segnalano incidenti di sicurezza e un tempo medio di inattività di 14 giorni.
Lo studio evidenzia le sfide nell'adozione dell'IA generativa, con le organizzazioni che conducono in media 17 prove di concetto di GenAI, ma solo 28% riescono a passare con successo alla produzione. I principali ostacoli includono preoccupazioni per la privacy dei dati (64%), carenza di competenze (57%) e complessità nell'integrazione dei sistemi (44%).
La ricerca rivela anche che 61% delle organizzazioni canadesi segnalano che gli ambienti cloud pubblici sono i più colpiti dagli attacchi informatici. Le organizzazioni con test di sicurezza annuali hanno riportato meno infiltrazioni e violazioni. Inoltre, 41% delle organizzazioni hanno adottato servizi di Rilevamento e Risposta Gestiti (MDR), con 37% che pianificano un'adozione futura.
CDW Canada ha lanzado su estudio anual sobre ciberseguridad en Canadá, revelando tendencias significativas en el panorama de la ciberseguridad. Aunque la frecuencia de los ciberataques ha disminuido, su impacto se ha intensificado, con el 87% de las organizaciones canadienses informando incidentes de seguridad y experimentando un tiempo de inactividad promedio de 14 días.
El estudio destaca los desafíos en la adopción de IA Generativa, con las organizaciones realizando un promedio de 17 pruebas de concepto de GenAI, pero solo 28% logrando una transición exitosa a producción. Las principales barreras incluyen preocupaciones sobre la privacidad de los datos (64%), escasez de habilidades (57%) y complejidades en la integración de sistemas (44%).
La investigación también revela que 61% de las organizaciones canadienses informan que los entornos de nube pública son los más afectados por ciberataques. Las organizaciones con pruebas de seguridad anuales reportaron menos infiltraciones y violaciones. Además, 41% de las organizaciones han adoptado servicios de Detección y Respuesta Gestionados (MDR), con 37% planeando una adopción futura.
CDW 캐나다는 연례 캐나다 사이버 보안 연구를 발표하여 사이버 보안 환경의 중요한 트렌드를 밝혔습니다. 사이버 공격의 빈도는 감소했지만, 그 영향력은 강화되었으며, 87%의 캐나다 조직이 보안 사고를 보고하고 평균 14일의 다운타임을 경험하고 있습니다.
이 연구는 생성적 AI 도입에서의 도전 과제를 강조하며, 조직들이 평균 17개의 GenAI 개념 증명을 수행했지만, 28%만이 성공적으로 생산으로 전환되고 있습니다. 주요 장벽으로는 데이터 프라이버시 문제(64%), 기술 인력 부족(57%), 시스템 통합의 복잡성(44%)이 포함됩니다.
연구 결과, 61%의 캐나다 조직이 사이버 공격으로 가장 큰 영향을 받는 환경으로 공용 클라우드를 보고하고 있습니다. 연간 보안 테스트를 실시한 조직은 침투 및 위반이 적었습니다. 또한, 41%의 조직이 관리형 탐지 및 대응(MDR) 서비스를 채택하였고, 37%는 향후 채택을 계획하고 있습니다.
CDW Canada a publié son étude annuelle sur la cybersécurité canadienne, révélant des tendances significatives dans le paysage de la cybersécurité. Bien que la fréquence des cyberattaques ait diminué, leur impact s'est intensifié, avec 87% des organisations canadiennes signalant des incidents de sécurité et une durée d'arrêt moyenne de 14 jours.
L'étude met en lumière les défis liés à l'adoption de l'IA générative, les organisations réalisant en moyenne 17 preuves de concept GenAI, mais seulement 28% réussissant à passer à la production. Les principales barrières incluent des préoccupations concernant la confidentialité des données (64%), des pénuries de compétences (57%) et des complexités d'intégration des systèmes (44%).
La recherche révèle également que 61% des organisations canadiennes signalent que les environnements cloud publics sont les plus touchés par les cyberattaques. Les organisations ayant effectué des tests de sécurité annuels ont signalé moins d'infiltrations et de violations. De plus, 41% des organisations ont adopté des services de Détection et Réponse Gérées (MDR), avec 37% prévoyant une adoption future.
CDW Kanada hat seine jährliche kanadische Cybersecurity-Studie veröffentlicht, die bedeutende Trends in der Cybersecurity-Landschaft aufzeigt. Während die Häufigkeit von Cyberangriffen abgenommen hat, hat sich ihre Auswirkung verstärkt, wobei 87% der kanadischen Organisationen Sicherheitsvorfälle melden und eine durchschnittliche Ausfallzeit von 14 Tagen erfahren.
Die Studie hebt die Herausforderungen bei der Einführung von generativer KI hervor, wobei Organisationen im Durchschnitt 17 GenAI-Prototypen durchführen, aber nur 28% erfolgreich in die Produktion übergehen. Zu den Hauptbarrieren gehören Bedenken hinsichtlich des Datenschutzes (64%), Fachkräftemangel (57%) und Komplexität bei der Systemintegration (44%).
Die Forschung zeigt auch, dass 61% der kanadischen Organisationen angeben, dass öffentliche Cloud-Umgebungen am stärksten von Cyberangriffen betroffen sind. Organisationen mit jährlichen Sicherheitstests berichteten von weniger Eindringlingen und Verletzungen. Darüber hinaus haben 41% der Organisationen Managed Detection and Response (MDR)-Dienste übernommen, wobei 37% eine zukünftige Übernahme planen.
- Annual security testing reduces cyber incidents and breaches
- High adoption rate of MDR services (41%) with strong future growth potential (37% planning to adopt)
- Decreasing frequency of cyberattacks indicates improving defensive measures
- 87% of organizations experienced security incidents with 14-day average downtime
- Only 28% of GenAI proof-of-concepts successfully transition to production
- 61% of organizations face attacks on public cloud infrastructure
- Significant skills shortage (57%) hampering technological advancement
Amid increasingly effective cyberattacks, Canadian organizations experience an average downtime of 14 days, disrupting essential day-to-day business operations
The expanding threat landscape highlights a critical pattern in 2025. Cyberattacks continue to decrease in frequency, yet successful attacks have intensified and become increasingly disruptive. In the past 12 months, 87 percent of Canadian organizations have reported experiencing a security incident, coupled with a 10 percent year-over-year increase in the length of downtime per incident. This pattern indicates a need for Canadian organizations to prioritize proactive cybersecurity to avoid these detrimental disruptions to their business.
GenAI progress stalls amid gaps in security and governance frameworks
Over the past year, organizations have raced to explore the potential of Generative Artificial Intelligence (GenAI), but the excitement has exposed a critical paradox. While organizations recognize GenAI’s transformative potential, many are facing security and compliance barriers that have slowed full-scale adoption.
Canadian organizations are particularly grappling with the complex challenges of securely integrating and scaling GenAI into business operations. Between 2023 and 2024, businesses conducted an average of 17 GenAI proof-of-concepts (PoCs), yet fewer than a third (28 percent) successfully transitioned to full production as concerns over data privacy and compliance put projects on hold.
The majority cite common barriers to adoption, including data privacy concerns (64 percent), skills shortages (57 percent) and system integration complexities (44 percent).
The rush to integrate GenAI has highlighted gaps in Canadian organizations’ foundational frameworks. However, this provides a key opportunity for organizations to strategically assess their data governance and compliance capabilities at a moment when the full potential of GenAI is still in its infancy.
“The competitive advantages of GenAI are undeniable, but rushing into full-scale adoption without a strong security framework is a risk no organization can afford,” said Ivo Wiens, Field CTO, Cybersecurity at CDW Canada. “This slowdown isn’t a failure but a necessary step for businesses to address foundational security gaps with thoughtful intent.”
Organizations must invest in strengthening their overall security posture and capabilities to benefit from the transformative potential of GenAI.
Proactive security testing is the missing link for cloud environments
As Canadian organizations expand their digital ecosystems and increasingly rely on their hybrid cloud environments, cyberattackers are keeping pace, exploiting vulnerabilities in cloud environments at an alarming rate. What was once a secondary risk has emerged as a primary concern, with public cloud infrastructures facing more attacks than any other IT infrastructure component.
More than half (61 percent) of Canadian organizations report that their public cloud environments have been the most impacted by cyberattacks. However, organizations conducting annual security testing indicated fewer infiltrations (23 incidents) and breaches (33 incidents) on average compared to 25 and 29 incidents respectively for those without regular testing. This underscores the clear value of comprehensive cloud testing to proactively mitigate risks, freeing up more time and resources for core business operations.
Structural gaps drive the shift toward third-party services
Canadian organizations are prioritizing their security capabilities by investing in Managed Detection and Response (MDR) services, which provide proactive managed solutions to enhance detection and incident response driven by a strategic shift to address internal resource gaps, improve threat detection and response speeds to increase cyber resilience.
Nearly half (41 percent) of Canadian organizations have already adopted MDR services, with more than a third (37 percent) planning to do so in the near future. As organizations continue to struggle with the impacts of breaches, MDR services are a key enabler in reducing vulnerabilities and minimizing operational disruptions.
“Many organizations are in a vulnerable position without the in-house expertise required to respond to threats at the speed and scale needed,” said Ben A. Boi-Doku, Chief Strategist, Cybersecurity Services Strategy & Development at CDW Canada. “It’s promising to see Canadian organizations investing in their security. MDR services are a fundamental part of modern security strategies. The organizations that invest in 24/7 threat detection and response will be the ones who can focus on running their business instead of combatting cyberthreats.”
To learn more about the state of cybersecurity for Canadian organizations, download the study here.
Join the conversation online by following @CDWCanada on X (formerly Twitter) and LinkedIn.
About CDW Canada
CDW Canada Corp. is a leading provider of technology services and solutions for business, government, education and healthcare. Established in 2003, CDW Canada is the country’s trusted advisor for cybersecurity, hybrid infrastructure and workplace modernization. CDW Canada’s local experts design, orchestrate and manage customized services and solutions, making technology work so people can do great things. Through its services-led approach, CDW Canada simplifies complex technology to empower customers to focus on their business and thrive in a rapidly evolving landscape. CDW Canada is a subsidiary of CDW Corporation (Nasdaq: CDW), a Fortune 500 company. For more information, visit www.cdw.ca.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250408704944/en/
Julie Clivio
VP, Growth & Operations, CDW Canada
647.288.5828 | julie.clivio@cdw.ca
Source: CDW Canada Corp.
FAQ
What percentage of Canadian organizations experienced security incidents according to CDW's 2024 study?
How successful were GenAI proof-of-concepts in Canadian organizations?
What percentage of Canadian organizations have their public cloud infrastructure affected by cyberattacks?
What is the adoption rate of Managed Detection and Response (MDR) services among Canadian organizations?
What are the main barriers to GenAI adoption in Canadian organizations?
