IBM: Data Breach Costs Climb 10% Since Last Year, Average Reaches $4.9 Million
Staffing shortages are increasing data breach costs.
![Data breach costs climb, per IBM and Zscaler reports. Data breach costs climb, per IBM and Zscaler reports.](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blte5a44a3adb1ebb83/66a9413d1a892d3e954a3c1d/Data_Breach_Costs_2024.jpg?width=700&auto=webp&quality=80&disable=upscale)
Chim/Shutterstock
Channel Futures: What are the most surprising findings in this latest report? What are the biggest changes from last year’s report?
![IBM Security's Jennifer Kady IBM Security's Jennifer Kady](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt875ff6985962de48/66a941b20aa92c6c14397dcf/Kady_Jennifer_IBM_Security_2024.jpg?width=700&auto=webp&quality=80&disable=upscale)
IBM Security's Jennifer Kady
IBM Security's Jennifer Kady: One critical takeaway from the report is the relationship between AI (including generative AI) and data breach costs. Our report revealed that organizations who employed security AI and automation extensively detected and contained an incident significantly faster — nearly 100 days faster than organizations not using these technologies. Additionally, more organizations leveraged AI/automation in security operations, and those who extensively used these technologies saved nearly $1.9 million on average in breach costs. The report also found an accelerated adoption in generative AI security tools, which helped reduce the average cost of a breach by more than $167,000. In short, AI investments are paying off, but it’s still critical for organizations to invest in the tools and skills needed to secure their generative AI as it can introduce new security risks. Addressing this duality in generative AI for security needs to be a priority for businesses looking to implement this technology.
CF: How are organizations coping with staffing shortages?
JK: While one in five organizations says they are using some form of generative AI security tools to help close the gap, this still remains a challenge. Staff challenges may see relief in the future, as more organizations stated that they plan to increase security investments compared to last year — and employee training is a top investment area.
CF: Are breach costs higher in certain industries/sectors than others? Who’s incurring the most damage from breach costs?
JK: Since 2011, health care has seen the highest breach costs — and this year was no different. This is no surprise, with health care being a highly regulated industry that is charged with protecting sensitive patient data and personally identifiable information (PII). While the average breach cost for health care fell 10.6% since 2023 to $9.77 million, the sector remains a major target.
After health care, financial services and the industrial sector saw the highest breach costs. That said, one of the more concerning challenges faced by security staff is driven by compromised credentials, which was the most frequent breach cause identified in the study. Breach life cycles, in fact, increased more than 30 days when data was breached using stolen identities, necessitating urgent focus regardless of industry to shut the front door on threat actors.
CF: What should organizations be doing to try to lessen the cost of a breach?
JK: There are several things organizations can do to lessen the financial impact of a data breach. Some of the most important factors involve improving efficiency and reducing the amount of time it takes to detect and respond to these incidents as they arise. One key factor is for organizations to understand their data landscape — as the proliferation of data in today’s complex IT landscape is making it harder to find, track and safeguard critical data. We found that more than one in three breaches involved shadow data (data stored in unmanaged data sources), and these breaches took more than 50 days longer on average to identify than breaches that did not. To regain control over these environments, organizations can apply data security posture management (DSPM) and other solutions such as identity access management (IAM) to help drive more consistent and comprehensive protection of data.
The study also shows that how an organization communicates during and after a breach − with customers, regulators and the general public − represents a huge cost center, and in fact 75% of the increase in average breach costs in this year’s study was driven by the cost of lost business and post-breach response. Organizations can improve their breach response processes by participating in crisis simulation exercises, which include security teams as well as business leaders, so the entire organization improves its ability to detect, contain and respond to breaches.
Another factor the study surfaced is that involving law enforcement in early stages can help mitigate breach costs. In fact, 63% of ransomware victims that involved law enforcement avoided paying a ransom and organizations that involved law enforcement saved $1 million, or 20%, in breach costs on average.
CF: Are we likely to see continued increasing breach costs? If so, why?
JK: We’ve been doing this report for over a decade, and in general, data breach costs have increased year to year for the majority of time we’ve been doing the report. While we can’t predict what breach costs will look like next year, what is clear is that if organizations don’t prioritize investing in the right security measures for today’s complex data and AI landscape, the cost of security incidents and data breaches, and their extended impact will continue to climb.
The findings from the Zscaler ThreatLabz report uncovered a record-breaking ransom payment of $75 million to the Dark Angels ransomware group, which is nearly double the highest publicly known ransomware payout. ThreatLabz believes Dark Angels’ success will drive other ransomware groups to use similar tactics, placing a higher need for organizations to prioritize protection against rising and ever more costly ransomware attacks.
![Zscaler's Deepen Desai Zscaler's Deepen Desai](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt7bdd0f5805be731e/66a944d96ea8c53980c94e57/Desai_Deepen_Zscaler_2024.jpg?width=700&auto=webp&quality=80&disable=upscale)
Zscaler's Deepen Desai
“Ransomware defense remains a top priority for CISOs in 2024,” said Deepen Desai, Zscaler’s chief security officer. “The increasing use of ransomware-as-a-service (RaaS) models, along with numerous zero-day attacks on legacy systems, a rise in vishing attacks, and the emergence of AI-powered attacks, has led to record-breaking ransom payments. Organizations must prioritize zero trust architecture to strengthen their security posture against ransomware attacks.”
The findings from the Zscaler ThreatLabz report uncovered a record-breaking ransom payment of $75 million to the Dark Angels ransomware group, which is nearly double the highest publicly known ransomware payout. ThreatLabz believes Dark Angels’ success will drive other ransomware groups to use similar tactics, placing a higher need for organizations to prioritize protection against rising and ever more costly ransomware attacks.
![Zscaler's Deepen Desai Zscaler's Deepen Desai](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt7bdd0f5805be731e/66a944d96ea8c53980c94e57/Desai_Deepen_Zscaler_2024.jpg?width=700&auto=webp&quality=80&disable=upscale)
Zscaler's Deepen Desai
“Ransomware defense remains a top priority for CISOs in 2024,” said Deepen Desai, Zscaler’s chief security officer. “The increasing use of ransomware-as-a-service (RaaS) models, along with numerous zero-day attacks on legacy systems, a rise in vishing attacks, and the emergence of AI-powered attacks, has led to record-breaking ransom payments. Organizations must prioritize zero trust architecture to strengthen their security posture against ransomware attacks.”
Data breach costs have increased 10% since last year, the biggest jump since the pandemic, reaching an average cost of $4.9 million.
That’s according to IBM’s annual Cost of a Data Breach Report. Seventy percent of breached organizations reported that the breach caused significant or very significant disruption.
The report is based on an analysis of real-world data breaches experienced by 604 organizations globally between March 2023 and February 2024.
Also, Zscaler’s annual ThreatLabz 2024 Ransomware Report shows an 18% increase in ransomware attacks year over year with the manufacturing, health care and technology sectors as top targets. The United States remains the top target of ransomware, experiencing nearly 50% of overall attacks, followed by the United Kingdom, Germany, Canada and France.
Reasons Behind Data Breach Costs Increase
According to IBM, lost business, and post-breach customer and third-party response costs drove the year-over-year spike in data breach costs, as the collateral damage has only intensified. The disruptive effects data breaches have on businesses are not only driving up costs, but are also extending the after-effect of a breach, with recovery taking more than 100 days for most of the small number (12%) of breached organizations that were able to fully recover.
Some key findings in the 2024 IBM report include:
More organizations faced severe staffing shortages compared to the prior year (26% increase) and observed an average of $1.76 million in higher data breach costs than those with low level or no security staffing issues.
Two out of three organizations studied are deploying security AI and automation across their security operation center (SOC). When these technologies were used extensively across prevention workflows, organizations incurred an average $2.2 million less in breach costs, compared to those with no use in these workflows — the largest cost saving revealed in the 2024 report.
Forty percent of breaches involved data stored across multiple environments including public cloud, private cloud and on premises. These breaches cost more than $5 million on average and took the longest to identify and contain (283 days).
Scroll through our slideshow above for a Q&A with Jennifer Kady, vice president of IBM Security, and more from Zscaler.
About the Author(s)
You May Also Like