The cost of data violations does not decrease in Canada

The average cost of a violation between March 2024 and February 2025 amounted to $ 6.4 million, compared to 6.6 million a year earlier. Similarly, according to a study published Wednesday by the technological giant IBM and the Ponémon Institute, a cybersecurity research center based in the United States.

While global costs fall due to shorter life cycles of violations. Therefore, expenses related to these attacks increased in Canada, underlines Daina Proctor, security manager at IBM Canada.

The average cost of violation in Canada climbed 10.4 % to 6.98 million in the last year studied, compared to 6.32 million the previous year. Meanwhile,

The Canadian average is higher due to the increase in detection costs. For example, their climbing, which cover legal investigators, regulatory interventions, legal advice and crisis communications, says Ms. Meanwhile, cost data violations does not Proctor.

Detection costs are now on average $ 470,000 in Canada, while recovery costs after a violation oscillates around $ 270,000.

Governance gaps – Cost data violations does not

At the same time. Canada is faced with an increase in costs due to a “slower adoption of defenses based on artificial intelligence (AI) and governance gaps”, adds Ms. Proctor in an email.

Last year. cybersecurity problems were reported to Nova Scotia Power, at the Columbia-British Columbia Columbia Columbia, and the educational software manufacturer used by many Canadian schools.

Violations can be expensive because they can be difficult to detect. and their evaluation and their recovery can be tedious and time -consuming work, requiring many professionals and sometimes interruptions for customers and employees.

Most countries have found a drop in costs associated with a violation, as surveys on violations take less time. However, cost data violations does not several countries, including Canada, have resisted this trend.

The study by IBM. Ponemon has shown that the cost of data violations has also climbed to the United States, India, in the Association of Nations of Southeast Asia and the Benelux (the economic union bringing together Belgium, the Netherlands and Luxembourg).

The average cost of violations in the United States reached the record figure of US $ 10.22 million, an increase of 9 % compared to last year.

The analysis of 600 organizations affected by data violations revealed that the most expensive attacks affected the health sector. followed by financial, industrial and energy sectors.

The issue of unauthorized AI uses

In many cases. computer hackers have used a ghost artificial intelligence, that is to say when employees use AI without the approval or supervision of their employer.

“The cost data violations does not ghost AI has become one of the main dead angles of organizations today,” says Ms. Proctor. Employees adopt AI tools to increase their productivity, but without supervision, they involuntarily create vulnerabilities. ”

Ghost systems often process sensitive data and interact with external systems on which companies have no control.

“Once the attackers exploit these flaws. the cascade effects can expose entire systems and supply chains to significant violations,” explains Ms. Proctor.

Some 20 % of the organizations studied said they had suffered a violation due to security incidents involving ghost.

Global organizations with a high level of ghosts said that the use of this technology has added $ 967. 011 to the average cost of a violation, compared to those with a low or zero level of a ghost.

The incidents involving the ghost AI also led to greater cost data violations does not compromise of identifiable personal information and intellectual property.

To cope with the risks associated with the ghost AI, Ms. Proctor maintains that companies must provide their employees with more approved AI tools. carry out regular audits in order to detect gaps in their offers and employee compliance.