© Copyright Acquisition International 2024 - All Rights Reserved.

Article Image - Average Cost of a Data Breach Reaches An All-Time High of $4.45m, But AI and Automation Continue to Save Time and Money
Posted 24th August 2023

Average Cost of a Data Breach Reaches An All-Time High of $4.45m, But AI and Automation Continue to Save Time and Money

IBM’s Cost of a Data Breach report has highlighted the increasing cost for companies that suffer a data breach. The report found that the average cost of a data breach is now at an all-time high of $4.45 million. This represents an increase from last year, up 2.3 percent and a mammoth 15.3 percent from the 2020 report.

Mouse Scroll AnimationScroll to keep reading

Let us help promote your business to a wider following.

Average Cost of a Data Breach Reaches An All-Time High of $4.45m, But AI and Automation Continue to Save Time and Money
AI Automation

The IBM Cost of a Data Breach 2023 report also highlights the consequences to smaller organisations as they face considerably higher data breach costs 

AJ Thompson, CCO, Northdoor plc  

IBM’s Cost of a Data Breach report has highlighted the increasing cost for companies that suffer a data breach. The report found that the average cost of a data breach is now at an all-time high of $4.45 million. This represents an increase from last year, up 2.3 percent and a mammoth 15.3 percent from the 2020 report. 

The report also highlighted that it is not just big business that is targeted by cyber criminals. All businesses no matter their size or market need to fully understand the threat they are facing and where vulnerabilities within their defences lie. 

 

Smaller organisations hit by considerably higher data breach costs 

The report found that in 2023 companies with more than 5,000 employees saw the average cost of a data breach actually decrease compared to last year. There might be a number of factors influencing this decrease, but certainly we have seen large organisations increase their spend on cyber defences over the past few months. 

However, smaller organisations, who might have paused or not increased spending on cyber defences in light of the uncertain economy have been hit by considerably higher data breach costs compared to 2022. Organisations with fewer than 500 employees saw average impact of a data breach increase from $2.92 million to $3.31 million or 13.4 percent. 

Those with 500-1000 employees saw an increase of 21.4 percent, from $2.71 million to $3.29 million and those in the 1001-5000 employee range saw the average cost of a data breach increase from $4.06 million to $4.87 million, a rise of nearly 20 percent. 

Still, too often, small businesses presume that they are not targeted by cyber criminals and that it is only enterprise level organisations under threat of being hacked. As the report confirms, this is not the case. All businesses, no matter their size or market have data that is potentially hugely valuable to cyber criminals and so by ignoring the threat, smaller businesses are putting themselves at risk. 

The cost of a data breach for the smallest companies, of on average, $3.31 million is huge and is more than enough to put them out of business. Therefore, instead of ‘saving’ money by not investing in cyber defences, all companies need to address the increasing threat from cyber criminals and ensure that their defences are able to keep them out and keep data safe.  

The cost of a breach inevitably trickles down to the consumer too. The report found that most organisations continue to increase the price of services and goods as a result of a data breach. 57 percent of respondents indicated that data breaches led directly to an increase in business offerings, passing on the cost to consumers. 

 

Phishing and stolen or compromised credentials responsible for majority of attacks 

The report also found that phishing and stolen or compromised credentials were the two most common initial attack vectors (the way for the attacker to enter a network or system). We have seen cyber criminals use increasingly sophisticated phishing attacks to target employees, which are often considered the ‘weakest link’ in the security defences of a company. This is reflected in the report with phishing attacks responsible for 16 percent of breaches and stolen or compromised credentials responsible for 15 percent. 

These were followed by cloud misconfiguration at 11 percent, followed by business email compromised at 9 percent. 

Companies, therefore, have to ensure that the weakest link in their security defences is strengthened considerably. The nature of the most recent phishing attacks means that employees have very little chance of being to filter out legitimate messages and malicious emails and need help in doing so.  

Encouragingly, the report suggests that businesses are doing exactly this. 

 

Majority of companies planning to increase security investments 

51 percent of businesses were planning to increase security investments because of a data breach. At a time where budgets are already stretched this is a really encouraging sign that companies are taking the threat, and consequences, of a cyber attack seriously. 

It is further encouraging where businesses are looking to spend the increased investment. The report found that incident response (IR) planning and testing, threat detection and response technologies were investment priorities, as was employee training. 

The latter is particularly significant given that phishing attacks are the most common way cyber criminals gain access to systems or network. Careful education of employees on what the threat looks like and how to deal with suspicious communication will be key in strengthening this ‘weakest’ element of cyber defence. There has to be a balance though. Too many messages can cause ‘security fatigue’ where employees, inundated with warnings, end up taking little notice of any of the messages, allowing malicious approaches to get through. Targeted, timely, education is the key.  

 

AI and automation save time and money 

The use of AI and automation solutions have had, according to the report, a real impact for businesses who use such solutions extensively within their defences. On average those companies with such solutions in place were able to identify and contain a breach 108-days shorter than those without. These companies also reported a $1.76 million lower data breach cost compared to organisations that didn’t have such capabilities.  

The time to identify the fact that a company has been breached is particularly significant. The recent hack of the elections watchdog highlights this. Not only were the details of tens of millions of voters potentially compromised it appears that the cyber criminals may have been in the system of the watchdog for some time, before being discovered. 

According to reports the attack was identified in October 2022, but the hackers had first been able to gain access to the commission’s systems in August 2021. This is a large amount of time for a cyber criminal to have, essentially, free reign, over systems and data. It gives them the time to understand where the most valuable data is stored and cause untold amounts of subtle damage all whilst the organisations is blissfully unaware of their presence. 

The use of AI and automation solutions, as highlighted in IBM’s Cost of a Data Breach report, has shown a significant reduction in the amount of time to discover a breach. Getting cyber criminals out of a system quickly reduces damage and potential cost. Therefore, any upfront investment in such technology can quickly show ROI. 

Whilst the report’s headlines will be focused on the ever-increasing cost of a data breach for most companies, there are, as has been discussed, a number of real positives. It seems that companies are recognising the real threat of cyber crime on their business and are willing to spend budget in order to close vulnerabilities and keep the criminal out. Ignoring the threat and ‘saving’ money by not investing in cyber defences is no longer an option.  

Cyber criminals are not going away and are only going to be increasing the number and level of sophistication of their attacks. Businesses must address the weak points of their defences, whether that be employees or vulnerabilities within their existing cyber solutions, or be prepared to pay a huge cost and possible loss of their business if they are hacked. 

Categories: Innovation, News


You Might Also Like
Read Full PostRead - Eye Icon
4 Key Elements of Effective & Engaging Business Blogs
News
26/05/20234 Key Elements of Effective & Engaging Business Blogs

Business blogs are ten a penny, and so it pays to make sure yours is effective not only in its content, but its presentation, so that readers are engaged and your audience grows.

Read Full PostRead - Eye Icon
Ann Taylor and Loft to be Acquired for $2.16bn
Finance
19/05/2015Ann Taylor and Loft to be Acquired for $2.16bn

One of America's largest women’s apparel companies has added two major brands to its line-up.

Read Full PostRead - Eye Icon
St Ives Acquire Solstice Mobile
M&A
25/03/2015St Ives Acquire Solstice Mobile

St Ives Group acquires US-based Solstice Mobile to further strengthen digital capabilities and international footprint.

Read Full PostRead - Eye Icon
Challenging a Denial Based on the Listing of Impairments: A Comprehensive Guide
Finance
12/06/2023Challenging a Denial Based on the Listing of Impairments: A Comprehensive Guide

If you have been denied Social Security disability benefits based on the Listing of Impairments, it can be a frustrating and overwhelming experience. However, with the help of a disability lawyer in Los Angeles, you can challenge the denial and present a stron

Read Full PostRead - Eye Icon
Boxer Capital, LLC
Finance
26/02/2019Boxer Capital, LLC

Boxer Capital, LLC invents and invests in biotechnology companies that aim to drastically improve medicine. To celebrate the firm’s success in this year’s Hedge Fund Awards we profile it to find out more and explore the secrets behind its success.

Read Full PostRead - Eye Icon
How Your Business Can Gain A Competitive Advantage In Your Industry
News
18/08/2021How Your Business Can Gain A Competitive Advantage In Your Industry

Businesses of all shapes and sizes will all benefit from gaining a competitive advantage within their industry. Here’s how your business can start building for further success.

Read Full PostRead - Eye Icon
Financial Data Breaches: ICO Reports 8,000 Percent Rise
Finance
07/05/2024Financial Data Breaches: ICO Reports 8,000 Percent Rise

According to the Information Commissioner’s Office (ICO), there was an 8,000 percent increase in the number of people affected by financial data breaches in central government between 2019 and 2023.

Read Full PostRead - Eye Icon
Q1 Update – Mochtar Karuwin Komar
Strategy
01/07/2016Q1 Update – Mochtar Karuwin Komar

Mochtar Karuwin Komar (MKK) is one of Indonesia’s oldest firms and celebrates its 45th year in June 2016.

Read Full PostRead - Eye Icon
R3Location: Trusted Relocation in a Complex City
Strategy
19/01/2018R3Location: Trusted Relocation in a Complex City

R3Location Limited offers an exceptional range of relocation services to companies moving assignees into London and the South East.



Our Trusted Brands

Acquisition International is a flagship brand of AI Global Media. AI Global Media is a B2B enterprise and are committed to creating engaging content allowing businesses to market their services to a larger global audience. We have 14 unique brands, each of which serves a specific industry or region. Each brand covers the latest news in its sector and publishes a digital magazine and newsletter which is read by a global audience.

Arrow