Exploring the 2024 IBM Cost of Data Breach Report


In July 2024, IBM published its most recent Cost of Data Breach report. It provides a comprehensive look at the financial impact of data breaches across the globe, considering different industries, organizations and countries. It highlights the evolving landscape of data breaches, including the impact of technological advances and business disruptions.

Understanding Data Breach

A data breach occurs when sensitive, confidential, or protected data is accessed or disclosed without authorization. This can include personally identifiable information (PII), protected health information (PHI), financial details, or intellectual property. Data breaches can result from hacking, phishing attacks, stolen or compromised credentials, and even simple human error. Once attackers gain access to this data, they can exploit it in various ways, from identity theft to selling the information on the dark web.

Data Breach Costs

The report shows that the global average cost of a data breach in 2024 has risen by 10% from the previous year, reaching USD 4.88 million. Interestingly, the average cost in the U.S. decreased slightly in 2024 to USD 9.36 million, from USD 9.48 million in 2023. Nonetheless, the U.S. still holds the highest average data breach cost for the 14th consecutive year.

The cost of a data breach has been going up primarily because of business disruptions and post-breach responses. Downtime and operational delays are responsible for significant revenue loss, and there are also costs associated with customer notification, credit monitoring services and regulatory fines.

Another source of cost increase is the shortage of security staff. The report points out that more than half of the organizations in the study, representing an increase of 26.2% from the previous year, face shortages of professionals to prevent and respond to breaches.

The report also highlights that shadow data is an increasing issue in cybersecurity. Shadow data refers to data that resides in unmanaged systems, often unknown by IT departments. According to the report, 35% of the data breaches involve shadow data, and they are associated with 16% of the breach costs. Because shadow data is hard to track and protect, it represents a great risk to organizations.

Attack Vectors

The report illustrates the cost and frequency of data breaches based on the initial attack vector. Phishing and stolen or compromised credentials are the most frequent attacks, together accounting for approximately 30% of the breaches. Malicious insider attacks are the most expensive type of attack; however, they are less frequent (7% of breaches). Social engineering, zero-day vulnerabilities and cloud misconfiguration are shown as having a balanced high cost or high frequency.

Additionally, certain types of attacks take longer to detect and contain. Breaches involving stolen or compromised credentials take the longest to identify and contain, averaging 292 days. Next come phishing attacks, with an average of 261 days, and social engineering attacks are right behind at 257 days.

The Role of AI in Reducing Cost

Despite the rising costs of data breaches, the IBM report points to a positive trend: companies implementing AI and automation in their security protocols are seeing noticeable savings. Businesses that leveraged AI in their prevention strategies managed to save an average of USD 2.2 million in breach-related costs, marking the largest cost reduction highlighted in the report.

AI and automation enable companies to detect and control breaches more quickly. Companies that implement AI in their cybersecurity efforts have been able to cut down the time it takes to contain breaches by 100 days compared to those that don’t use AI. The longer a breach remains unaddressed, the higher the associated costs. Hence a quick response is crucial. Breaches extending beyond 200 days cost an average of USD 5.46 million, whereas breaches contained in under 200 days averaged USD 4.88 million.

The use of AI has shown benefits in areas like attack surface management, red-teaming, and posture management. Companies can ease the workload on their cybersecurity teams and improve their ability to respond to potential threats more effectively.

Cybersecurity at EverChain

EverChain adopts a comprehensive approach that combines technology, employee training and strategic planning and investment. We have deployed AI-driven XDR (Extended Detection and Response) technology to all endpoints, capable of detecting suspicious activities, analyzing patterns, and responding to threats faster than humans.

Data security and data privacy assessments are regularly conducted. These exercises help identify security gaps and weaknesses in the organization's systems. They also include penetration testing and attack simulations to uncover potentially overlooked vulnerabilities.

Overall, EverChain employs a strategy that includes both technology and human elements. On the technology side, it combines required multi-factor authentication for all employees, strong encryption for data in transit and at rest, role-based access controls to limit access to sensitive data, and close monitoring of third-party vendors. On the human side, employee training is equally important. In addition to frequent attack simulations, all employees go through regular security and privacy training. Business continuity and disaster recovery plans, and incident management and communication plans are frequently reviewed, updated and trained on.

Conclusion

Data breaches are a growing and costly problem that affects organizations across all industries. The IBM 2024 Cost of a Data Breach report highlights the importance of investing in cybersecurity measures, including AI and automation, to reduce costs and improve response times. Addressing the security skills shortage and managing shadow data are also critical steps in protecting sensitive information. By understanding these challenges and implementing the recommended strategies, organizations can better safeguard their data and minimize the financial and reputational damage caused by breaches.
