Creating Mega Trust in an Era of Mega Breaches
October 30, 2018

By: Andre Boysen, CIO, SecureKey

October 2018 marks the 15th anniversary of Cyber Security Awareness Month (CSAM), globally celebrated to increase awareness of the importance of cyber security.

To some, 15 years might sound like enough time to prepare for cyberattacks, yet reality shows that cybercrimes have only increased throughout the years. In fact, this year’s annual Cost of Data Breach study conducted by the Ponemon Institute[1] reported that the global average cost of a data breach is up 6.4 per cent over 2017 to $3.86 million. According to the study, Canada has the highest direct cost[2] at $81 per compromised record, while the U.S. has the highest indirect per capita cost[3] at $152.

This year, for the first time, the report calculated the costs associated with “mega breaches” – or breaches of more than 1 million records – projecting that breaches ranging from 1 million to 50 million records lost will cost companies between $40 million and $350 million, respectively.

The fact that “mega breaches” are being newly introduced to the study demonstrates the severity to which hacks are growing. At the same time that organizations have worked to increase awareness regarding cyber security, the “bad guys” have also used this time to refine their techniques to harm. The same study from the Ponemon Institute reveals that 48 per cent of the causes of data breaches in the world are related to malicious or criminal attacks, costing the global economy upwards of $157 million in 2018. On the other hand, the second root cause of data breaches (27 per cent) relates to human error. Negligence from employees or contractors who were careless with the data under their control or access cost the global economy $128 million.

Focused on the latter, CSAM aims to help all Canadians to share information more securely online, by being informed and knowing the simple steps to take to protect themselves, their families, their workplace and their devices. This year, the federal government initiative Get Cyber Safe produced free online resources, such as the Cyber Security Awareness Month Toolkit, which provided consumers with weekly themes and shareable resources to help promote cyber security. Get Cyber Safe also launched the #CSAMChallenge on social media for the month of October, offering raffle prizes for consumers who engage with CSAM’s posts and share to their own social networks – increasing awareness of cyber safety to a broader audience.

As awareness of cyber security increases, so does customer expectation of how their data is protected in highly-regulated industries. Governments and financial institutions and their technology partners have a higher responsibility (and bigger challenges) in 2018 than they did 15 years ago, and getting prepared for the challenges to come is not only necessary but also urgent.

We believe that data breaches not only debilitate someone’s safety but also damage (or even destroy) the relationship they have built with the institutions they trust. At SecureKey, our role is to help maintain and strengthen that trust. That’s why we work with leading organizations to not only better protect the information of their customers and strengthen their trust, but most importantly, give Canadians control of when and with whom they share their information online.

Part of this work is coming to light through our Verified.Me solution, a new Canadian service to help you verify your identity quickly and securely, so you can get things done fast. Verified.Me will work from any iOS or Android smartphone, using trusted credentials from your financial institution. We cannot be more excited to announce its launch later this year!

While it’s important we continue to celebrate Cyber Security Awareness Month, it’s our mission to make “mega breaches” and data issues a thing of the past. In 15 years, we look forward to an online ecosystem where consumers feel safe to share their information online, without the risk of it getting in the wrong hands.

It’s time to take control of our identities! Visit to learn how.


[1]The 2018 Cost of a Data Breach Study by the Ponemon Institute.

[2]Direct costs refer to the expense outlay to accomplish a given activity such as engaging forensic experts, hiring a law firm, or offering victims identity protection services.

[3]Indirect costs include employees’ time, effort, and other organizational resources spent notifying victims and investigating the incident, as well as the loss of goodwill and customer churn.