IBM's Cost of A Data Breach Report Highlights The Increasing Disruption And Demands Of Breaches For Cyber Teams, Suggesting AI As A Potential Solution

Soaring data breaches are causing significant disruption for businesses worldwide. IBM's Cost of a Data Breach Report reveals record costs, reaching £3.58 million (US$4.8 million) in the UK alone for 2024. Despite a decrease in breach costs in 2023, the report shows a 5% increase in 2024 compared to the previous year.

As breaches become more severe, the pressure on teams working to protect business data intensifies. Financial services have faced the most costly breaches, with professional services and technology sectors also significantly impacted.

Figure 1. Over Half of Organizations Faced Cyberattacks That Blocked Data Access in 2023

Over half of organizations experienced a cyberattack that blocked data access in 2023, underscoring the urgent need for enhanced enterprise cybersecurity. The report identifies stolen credentials and phishing as the most common initial attack vectors, accounting for 27% of breaches in the UK. Figure 1 shows Over Half of Organizations Faced Cyberattacks That Blocked Data Access in 2023".

Breach Disruption Creating Chaos for Businesses

According to IBM, the collateral damage from data breaches has escalated, leading to higher costs and greater consequences for businesses worldwide. Globally, approximately 12% of breached organizations that managed to fully recover took more than 100 days to do so.

Top three factors driving up breach costs for UK organizations

• Non-compliance with regulations (£287K/US$368K)
• Impact on IoT/OT environments (£246K/US$315K)
• Supply chain breaches (£241K/US$309K)

Significantly, more than half of the organizations globally studied by IBM faced severe or high-level staffing shortages in 2023. These businesses incurred an average of US$1.76 million in higher breach costs. Additionally, IBM found that 51% of business leaders were worried about unpredictable risks and new security vulnerabilities, while 47% were concerned about emerging attacks targeting AI systems.

“In a landscape increasingly defined by cyber threats, this year's report underscores critical vulnerabilities and strategic opportunities,” says Martin Borrett, Technical Director at IBM Security UKI. “Organizations worldwide with severe security staffing shortages experienced a notable increase in breach costs.”

Businesses worldwide are under significant pressure, with plans to boost security budgets this year compared to last (63% vs. 51%) to address rising staffing challenges. Employee training has emerged as a key investment area, with organizations focusing on incident response planning and testing, threat detection and response technologies, identity and access management, and data security protection tools.

Globally, 42% of breaches were detected by an organization’s own security team or tools, up from 33% in 2023. Additionally, companies that involved law enforcement after a ransomware attack saved an average of nearly US$1 million in breach costs compared to those that did not.

AI as a Potential Lifeline

This update arrives at a crucial moment as organizations rapidly adopt generative AI (Gen AI) technologies, which are expected to introduce new security challenges. Gen AI has proven to be a transformative tool for businesses, promising to revolutionize industries by enhancing operational efficiency and driving innovation. Its capabilities can streamline processes and open new opportunities. In the realm of cybersecurity, AI and automation offer significant advantages by improving incident detection and accelerating response times, thereby reducing breach costs and impact. To leverage these benefits effectively, businesses need to fortify their security strategies.

“Robust, AI-driven security measures are essential, and addressing regulatory non-compliance and IoT vulnerabilities remains crucial,” explains Martin Borrett. IBM’s report reveals that the use of AI and automation reduced breach costs by £1.06 million (US$1.36 million). Furthermore, 71% of UK organizations have integrated security AI and automation into their security operations centers (SOC), a nearly 13% increase from the previous year. Globally, 20% of organizations reported using some form of Gen AI security tools.

As a result, UK organizations employing AI detected and contained incidents, on average, 106 days faster than those not using these technologies. “As organizations continue to adopt Gen AI technologies, it’s vital to address the new security vulnerabilities they introduce and prioritize investments in security staffing and training,” emphasizes Matthew Evans, Chief Operating Officer and Director of Markets at tech UK.

Source: Technology Magazine

Cite this article:

Janani R (2023), IBM Report Urges AI Use to Prevent Data Breaches, Anatechmaz ,pp.110