in

Cost of data breach climbs 10%, but AI helping to limit some damage

Yuichiro Chino/Getty Images

The cost of a data breach in 2024 has clocked the biggest year-on-year increase since the pandemic, but companies that use artificial intelligence (AI) tools are mitigating some of the financial damage from the fallout. 

The global average cost of a data security breach now clocks in at $4.88 million, up 10% from $4.45 million last year, according to the latest findings from IBM’s annual Cost of a Data Breach Report, which analyzed breaches experienced by 604 organizations worldwide between March last year and February 2024. Conducted by Ponemon Institute, the study included interviews with 3,556 security and business professionals from the breached organizations, and across 16 countries and regions.  

Also: AI-powered ‘narrative attacks’ a growing threat: 3 defense strategies for business leaders

Some 70% of respondents said the breaches they encountered had caused significant or very significant disruption to their business, IBM noted. Losses included operational downtime, lost customers, and the cost of post-breach responses, such as staffing customer service desks and regulatory fines. 

Stolen or compromised credentials were the most common initial attack vector, accounting for 16% of breaches, and took the longest to identify and contain at nearly 10 months.

This year organizations from the healthcare sector recorded the highest cost incurred from a breach at $9.77 million. 

Across the board, 40% of breaches involved data stored across different environments, including public and private cloud and on-premises, and resulted in at least $5 million on average in damages. They also took the longest to identify and contain, at 283 days, compared to the overall average of 258 days. 

<!–>

That global figure, though, is at a seven-year low and down from last year’s average of 277 days companies took to identify and contain a breach. 

Also: Businesses’ cloud security fails are ‘concerning’ – as AI threats accelerate

Most of these breaches, at 46%, involved customers’ personal identifiable information, which included tax identification numbers, phone numbers, and home addresses. Another 43% involved intellectual property data, the cost of which climbed to $173 per record, up from $156 per record last year.  

The study also found that 35% of breaches involved shadow data, with theft from such cases resulting in 16% more in cost from the breach. 

In addition, breaches that took longer to eradicate were more costly, and those with a lifecycle of more than 200 days cost the most at an average of $5.46 million. 

However, organizations that used AI-powered and automation security tools extensively incurred on average $1.88 million less in cost from a breach, at $3.84 million. In comparison, companies that did not use AI and automation saw average losses of $5.72 million. Those with limited use of AI and automation also saw lower costs from a breach of $4.64 million. 

Also: Automation driving AI adoption, but lack of right skillsets slowing down returns

The IBM study looked at organizations’ use of AI and automation across four areas of security operations: prevention, detection, investigation, and response. These included attack surface management, red-teaming, and posture management. 

Two of three respondents said they had deployed in their security operations center, up 10% from last year. Some 31% used AI and automation extensively in their security processes, while 36% did likewise on a limited basis. Some 33% have yet to use any AI or automation. 

Companies that suffered a ransomware attack were able to reduce their losses by an average of $1 million when they involved law enforcement, to $4.38 million. This figure excluded the amount paid up in ransom, according to IBM. Bringing in law enforcement further cut the time needed to identify and contain breaches from 297 to 281 days. 

Some 63% of ransomware victims who turned to law enforcement were able to avoid paying a ransom. 

Also: 91% of ransomware victims paid at least one ransom in the past year, survey finds

Without law enforcement, organizations experienced an average of $5.37 million in cost from a ransomware attack, excluding ransom payments. 

More organizations this year said they would pass the losses amassed from a breach to consumers, with 63% planning to increase the cost of goods or services, up from 57% that did likewise last year.  

Organizations that had severe or high-level staffing shortages also experienced higher breach costs as a result, acquiring $5.74 million in losses, compared to $3.98 million for those with low levels or no staffing shortages. 

However, 63% of respondents indicated plans to increase their security budgets, up from 51% last year, with employee training highlighted as the top investment. 

Also: AI is changing cybersecurity and businesses must wake up to the threat  

Another 55% revealed plans to invest in incident response planning and testing, while 51% pointed to threat detection and response technologies. Some 42% would invest in identity and access management, and 34% would do so for data security protection tools.

“Businesses are caught in a continuous cycle of breaches, containment, and fallout response, [which] now often includes investments in strengthening security defenses and passing breach expenses on to consumers – making security the new cost of doing business,” said Kevin Skapinetz, vice president of strategy and product design for IBM Security. “As generative AI rapidly permeates businesses, expanding the attack surface, these expenses will soon become unsustainable, compelling businesses to reassess security measures and response strategies.”

To stay ahead, Skapinetz urged organizations to invest in AI-driven defenses and develop the skills needed to address the risks and opportunities brought about by generative AI.

Google upgrades Search to combat deepfakes and demote sites posting them

I returned my Apple Vision Pro and Meta Quest 3 for these XR glasses – and they’re much cheaper