The financial industries of most countries worldwide use emerging innovative technologies to cut down operational costs, enhance customer services, and automate work. For example, organizations in the Canadian financial sector heavily depend on Fintech, the Internet of Things, quantum computing, the cloud, and artificial intelligence, among others, to enable electronic financial transactions and data transfer between payment systems, institutions, vendors, and clients.

However, while these interconnections promise increased efficiency and faster communications, they have become attractive targets in today’s highly sophisticated and rapidly evolving cyber threat landscape. For example, a cyberattack that compromises only one financial organization can potentially spread to external partners, which may ultimately disrupt critical international and national financial systems.

Unsurprisingly, motivations like financial gains from transaction values that amount to billions of dollars daily have seen the financial industry face frequent and complex cyberattacks. For instance, Canada’s population has embraced online banking transactions more and more, with 76% of Canadians preferring mobile devices and online banking for all transactions.

In the past, the real estate industry has been known to be slow in embracing technology. However, this situation is changing. The PwC report on Emerging Trends in Real Estate 2021 found that the COVID-19 pandemic forced the real estate sector to embrace various technology solutions, including virtual open houses, digital payments, collaboration tools, and property technology to enhance business continuity. Likewise, the Emerging Trends in Real Estate 2022 reports that Canadian real estate companies can successfully navigate forces of change through accelerated digitization that plays a significant role in both delivering efficiencies and creating the experiences and services the customers want. The latest report points out construction technology, increased data analytics, and digitizing operations as the key area of focus for the real estate sector in 2022.

Cybercrime has increased exponentially worldwide, mostly due to significant events that lead to a rapidly changing threat landscape. Most nations have seen increased cyber threats across sectors due to significant incidents ranging from the COVID-19 pandemic to the Russia-Ukraine conflict, with the retail industry bearing the brunt of the attacks. In Canada, for instance, at least three out of ten companies have reported a spike in attacks, and 80% of businesses fell victim to phishing attacks. Also, 25% of Canadian organizations have reported data breaches that target sensitive employee and customer data.

In addition, Canadian organizations in the retail industry have suffered numerous attacks in the recent past. For example, JBS, one of the largest global, suffered a devastating ransomware attack in 2021 that saw it shut down operations in Canada, the US, and Australia, resulting in a loss of more than $11 million. Also, an unauthorized party compromised the user credentials of the Canada Revenue Agency, resulting in more than 800,000 taxpayers being unable to access their accounts. Whether you look at cybersecurity in Montreal, Toronto, or any other Canadian city, the statistics show that cybercrime is getting worse, and the retail industry suffers innumerable damage.

The COVID-19 pandemic caused many companies to adopt remote working strategies in line with social distancing and isolation regulations implemented to combat its spread. As of March 2021, approximately five million Canadian workers, or 20% of Canadian employees, were working from home. In contrast, only 4% of employees worked remotely in 2016. Now, most COVID restrictions have been lifted, but many companies have allowed their workforce to continue working remotely. A 2021 study found that only 9% of Canadian workers expressed interest in working from the office fully, 15% wanted to work from home all the time, while 40.8% of workers suggested a hybrid working model.  

The Canadian Government has joined other countries in toughening sanctions against Russia amid the ongoing Russia-Ukraine conflict. However, Russia has insisted it will retaliate against countries that meddle in the conflict, placing the Canadian Government as a potential target of Russian-sponsored attacks.

Other than Russian cyber threats, the Canadian Government is a prime source of attacks from other state-nations and cybercrime groups. In addition, the Government is responsible for securing critical infrastructure and spearheading efforts to enhance national cybersecurity preparedness. Therefore, cybersecurity for Government is essential to thwarting cyber espionage and attacks targeting critical infrastructure.

Countries use cyberattacks as a tool for modern warfare, and the concept has been used extensively in the Russia-Ukraine conflict to spread disinformation and demoralize opponents. On the day Russia started the invasion, some critical Kyiv websites, including the government, parliament, and Foreign Ministry sites, were offline and inaccessible. Certainly, Russian hackers launched large DDoS attacks to overwhelm the infrastructure and crash the websites. In addition, Ukraine blamed the Kremlin for a data-wiper malware found on Ukrainian computers, which echoed the NotPetya malware attack in 2017 that severely impacted the Ukrainian economy. With heavy fighting raging in Ukraine, cyberspace has turned into a secondary battlefront.

As we begin a new year, one trend that will only grow in importance is the critical need for cyber security measures. The Canadian manufacturing sector is known for its advances in digital technologies to enhance the automation of critical processes. Currently, at least 97% of Canadian industrial markets utilize data analytics to drive daily business operations, inform crucial decisions, and develop new products. While this is a step in the right direction, most industry leaders in the Canadian manufacturing sector fail to take cybersecurity with the utmost seriousness and concerns. 

How can we secure the processes, facilities, technologies, systems, assets, networks, and services essential to the safety, health, or economic well-being of Canadians? How can we enhance the cybersecurity posture for critical infrastructure that can be interconnected and interdependent within and across provinces, territories, and national borders? Cyber-attacks and disruption of critical infrastructure could result in catastrophic loss of life, adverse economic effects, and harm to public confidence, as is the case with the Colonial Pipeline hack.

2021 has been a busy year for cybercriminals. The year is not yet over, and the number of publicly-reported data compromises through September 30, 2021, has exceeded the total number of events in full-year 2020 by 17 percent, according to the Identity Theft Research Center data breach analysis. A new report from IBM Security revealed the average cost of a data breach in Canada was $6.75 million per incident in the 2021 survey year. On all levels, this could be a record-breaking year for data breaches. That's up from $6.35 million the year before, and the highest since the survey included Canada seven years ago.

As the famous Charles Dickens quote goes, "we are in the best of times, yet we are also in the worst of times". On one side, organizations, and users alike, benefit from the emergence of new technologies, including the Internet of Things (IoT), 5G, artificial intelligence (AI), and so on. On the other side, there has been a rise in recent successes scored against high-profile targets, including the world’s largest meat processing company, JBS, that shut down facilities in the United States, Canada, and Australia after an attack.

Meanwhile, since the pandemic started, bad actors have been exploiting the vulnerabilities of organizations moving to remote working strategies. On the other side, security professionals have worked tirelessly to mitigate the threats, and vendors are delivering new and reliable technologies to support their efforts.

Based on the information and analysis from our professionals, here are the top five security and risk trends we think are worth watching as we go into 2022 and ways Sentia helps organizations stay prepared for the possibility of threats.