IBM: Data Breach Costs Climb 10% Since Last Year, Average Reaches $4.9 Million

Channel Futures: What are the most surprising findings in this latest report? What are the biggest changes from last year’s report?

IBM Security's Jennifer Kady

IBM Security's Jennifer Kady: One critical takeaway from the report is the relationship between AI (including generative AI) and data breach costs. Our report revealed that organizations who employed security AI and automation extensively detected and contained an incident significantly faster — nearly 100 days faster than organizations not using these technologies. Additionally, more organizations leveraged AI/automation in security operations, and those who extensively used these technologies saved nearly $1.9 million on average in breach costs. The report also found an accelerated adoption in generative AI security tools, which helped reduce the average cost of a breach by more than $167,000. In short, AI investments are paying off, but it’s still critical for organizations to invest in the tools and skills needed to secure their generative AI as it can introduce new security risks. Addressing this duality in generative AI for security needs to be a priority for businesses looking to implement this technology.

CF: How are organizations coping with staffing shortages?

JK: While one in five organizations says they are using some form of generative AI security tools to help close the gap, this still remains a challenge. Staff challenges may see relief in the future, as more organizations stated that they plan to increase security investments compared to last year — and employee training is a top investment area.

CF: Are breach costs higher in certain industries/sectors than others? Who’s incurring the most damage from breach costs?

JK: Since 2011, health care has seen the highest breach costs — and this year was no different. This is no surprise, with health care being a highly regulated industry that is charged with protecting sensitive patient data and personally identifiable information (PII). While the average breach cost for health care fell 10.6% since 2023 to $9.77 million, the sector remains a major target.

After health care, financial services and the industrial sector saw the highest breach costs. That said, one of the more concerning challenges faced by security staff is driven by compromised credentials, which was the most frequent breach cause identified in the study. Breach life cycles, in fact, increased more than 30 days when data was breached using stolen identities, necessitating urgent focus regardless of industry to shut the front door on threat actors.

CF: What should organizations be doing to try to lessen the cost of a breach?

JK: There are several things organizations can do to lessen the financial impact of a data breach. Some of the most important factors involve improving efficiency and reducing the amount of time it takes to detect and respond to these incidents as they arise. One key factor is for organizations to understand their data landscape — as the proliferation of data in today’s complex IT landscape is making it harder to find, track and safeguard critical data. We found that more than one in three breaches involved shadow data (data stored in unmanaged data sources), and these breaches took more than 50 days longer on average to identify than breaches that did not. To regain control over these environments, organizations can apply data security posture management (DSPM) and other solutions such as identity access management (IAM) to help drive more consistent and comprehensive protection of data.

The study also shows that how an organization communicates during and after a breach − with customers, regulators and the general public − represents a huge cost center, and in fact 75% of the increase in average breach costs in this year’s study was driven by the cost of lost business and post-breach response. Organizations can improve their breach response processes by participating in crisis simulation exercises, which include security teams as well as business leaders, so the entire organization improves its ability to detect, contain and respond to breaches.

Another factor the study surfaced is that involving law enforcement in early stages can help mitigate breach costs. In fact, 63% of ransomware victims that involved law enforcement avoided paying a ransom and organizations that involved law enforcement saved $1 million, or 20%, in breach costs on average.

CF: Are we likely to see continued increasing breach costs? If so, why?

JK: We’ve been doing this report for over a decade, and in general, data breach costs have increased year to year for the majority of time we’ve been doing the report. While we can’t predict what breach costs will look like next year, what is clear is that if organizations don’t prioritize investing in the right security measures for today’s complex data and AI landscape, the cost of security incidents and data breaches, and their extended impact will continue to climb.

The findings from the Zscaler ThreatLabz report uncovered a record-breaking ransom payment of $75 million to the Dark Angels ransomware group, which is nearly double the highest publicly known ransomware payout. ThreatLabz believes Dark Angels’ success will drive other ransomware groups to use similar tactics, placing a higher need for organizations to prioritize protection against rising and ever more costly ransomware attacks.

Zscaler's Deepen Desai

“Ransomware defense remains a top priority for CISOs in 2024,” said Deepen Desai, Zscaler’s chief security officer. “The increasing use of ransomware-as-a-service (RaaS) models, along with numerous zero-day attacks on legacy systems, a rise in vishing attacks, and the emergence of AI-powered attacks, has led to record-breaking ransom payments. Organizations must prioritize zero trust architecture to strengthen their security posture against ransomware attacks.”

The findings from the Zscaler ThreatLabz report uncovered a record-breaking ransom payment of $75 million to the Dark Angels ransomware group, which is nearly double the highest publicly known ransomware payout. ThreatLabz believes Dark Angels’ success will drive other ransomware groups to use similar tactics, placing a higher need for organizations to prioritize protection against rising and ever more costly ransomware attacks.

Zscaler's Deepen Desai

“Ransomware defense remains a top priority for CISOs in 2024,” said Deepen Desai, Zscaler’s chief security officer. “The increasing use of ransomware-as-a-service (RaaS) models, along with numerous zero-day attacks on legacy systems, a rise in vishing attacks, and the emergence of AI-powered attacks, has led to record-breaking ransom payments. Organizations must prioritize zero trust architecture to strengthen their security posture against ransomware attacks.”