IBM Security has released its annual Cost of a Data Breach Report, revealing that the global average cost of a data breach has reached a record-breaking $4.45 million in 2023. This figure represents a 15 percent increase over the past three years and underscores the growing severity of cybersecurity incidents worldwide.
The report highlights a significant 42 percent jump in detection and escalation costs during the same period; these costs now account for the highest portion of breach-related expenses. This increase indicates a trend toward more complex breach investigations, posing new challenges for organizations in addressing cybersecurity threats effectively.
The study, based on the analysis of real-world data breaches experienced by 553 organizations globally between March 2022 and March 2023, offers valuable insights into the evolving landscape of data breaches.
Among the key findings:
AI and Automation Accelerate Breach Identification and Containment: Organizations making extensive use of AI and automation experienced a data breach lifecycle that was 108 days shorter than that of organizations without these technologies (214 days versus 322 days). This highlights the critical role of advanced technologies in rapid threat detection and response.
Ransomware Victims Benefit from Law Enforcement Involvement: Ransomware victims that involved law enforcement in their response saved an average of $470,000 in breach costs compared to those that chose not to involve authorities. Despite the potential savings, 37 percent of ransomware victims opted not to engage law enforcement during an attack.
Detection Gaps and Third-Party Disclosures: Only one-third of the studied breaches were detected by the organizations’ own security teams, while 27 percent were disclosed by the attackers themselves, and 40 percent were disclosed by neutral third parties such as law enforcement. Breaches detected by the victim organizations themselves incurred significantly lower costs and shorter breach lifecycles compared to those disclosed by attackers.
Chris McCurdy, General Manager of Worldwide IBM Security Services, emphasized the importance of early detection and fast response in cybersecurity, as they can significantly reduce the impact of a breach. McCurdy urged security teams to focus on thwarting adversaries’ successful tactics and concentrate on stopping them before they achieve their goals. Investments in AI and automation, which enhance defenders’ speed and efficiency, were highlighted as crucial elements in shifting the balance in favor of organizations.
According to the report, organizations that fully deployed security AI and automation experienced breach lifecycles that were, on average, 108 days shorter than those of organizations without these technologies, resulting in significantly lower incident costs. With nearly 40 percent of organizations yet to adopt these advanced security measures, there remains considerable opportunity for enhancing detection and response capabilities.
In conclusion, the IBM Security report underscores the increasing financial toll of data breaches and the importance of embracing advanced technologies to bolster cybersecurity defenses. Early detection and collaboration with law enforcement are key components in minimizing the costs and consequences of cyberattacks, giving businesses reason to prioritize investments in threat detection and response approaches to safeguard sensitive data effectively.
Additional findings in the 2023 IBM report include:
Nearly 40 percent of data breaches studied resulted in the loss of data across multiple environments including public cloud, private cloud, and on-prem—showing that attackers were able to compromise multiple environments while avoiding detection. Data breaches studied that impacted multiple environments also led to higher breach costs ($4.75 million on average).
The average cost of a studied breach in healthcare reached nearly $11 million in 2023 – a 53 percent increase since 2020. Cybercriminals have started making stolen data more accessible to downstream victims, according to the 2023 X-Force Threat Intelligence Report. With medical records as leverage, threat actors amplify pressure on breached organizations to pay a ransom. In fact, across all industries studied, customer personally identifiable information was the most commonly breached record type and the costliest.
Studied organizations across all industries with a high level of DevSecOps saw a global average cost of a data breach nearly $1.7 million lower than those with a low level or no use of a DevSecOps approach.
Critical infrastructure organizations studied experienced a 4.5 percent jump in the average cost of a breach compared to last year, from $4.82 million to $5.04 million, which is $590K higher than the global average.