2023 Cost of Data Breach Report: key findings
In this blog post, we explore the insights uncovered by the 2023 IBM Cost of a Data Breach Report, highlighting the increase in breach costs and the transformative influence of AI on bolstering cybersecurity defences.
Discover the actionable strategies to strengthen your security measures effectively and protect your organisation from emerging threats.
Reluctance to boost security budgets persists among breached organisations
IBM Security recently released its annual Cost of a Data Breach Report, which discloses a significant surge in the global average cost of data breaches in 2023, reaching a record-breaking $4.45 million. This amount reflects a substantial 15% escalation over the past three years, signifying the severity of the ongoing cyber threat landscape.
Notably, the costs associated with detection and escalation have witnessed a staggering 42% surge during the same period, forming the largest segment of breach expenses. Such a trend points towards the increasing complexity of breach investigations.
The 2023 IBM report further delves into how businesses are strategising to tackle the mounting cost and frequency of data breaches. The findings reveal that a striking 95% of the studied organisations have encountered multiple breaches, highlighting the widespread nature of the issue.
Interestingly, among the breached organisations, a considerable 57% chose to transfer the incident costs to consumers, putting the burden on those affected. Only 51% of the breached entities opted to bolster their security investments, despite the escalating breach risks and financial consequences. This indicates a hesitancy among organisations to proactively enhance their security measures in response to the growing threat landscape.
Insights from the 2023 Cost of a Data Breach Report
The 2023 Cost of a Data Breach Report draws on the comprehensive analysis of real-world data breaches encountered by 553 organisations worldwide from March 2022 to March 2023. This research, sponsored and analysed by IBM Security, has been conducted by Ponemon Institute and boasts an impressive 18-year publication history.
Key highlights from the 2023 IBM report include:
Accelerating impact of AI
Organisations that extensively utilised AI and automation witnessed a remarkable difference in breach identification and containment speed. Compared to organisations without these technologies (322 days), those employing AI and automation experienced a significantly shorter data breach lifecycle of 214 days, reducing it by 108 days.
Cost implications of involving law enforcement
The study found that ransomware victims who involved law enforcement saved an average of $470,000 in breach costs compared to those who chose not to engage law enforcement. Despite the potential savings, a surprising 37% of ransomware victims refrained from involving law enforcement in ransomware attacks.
One-third of the analysed breaches were detected by the affected organisations’ internal security teams, while 27% of breaches were disclosed by the attackers themselves. Disturbingly, data breaches disclosed by attackers incurred an average additional cost of nearly $1 million compared to breaches identified by the organisations themselves.
The value of every second
The 2023 report reveals that organisations fully embracing security AI and automation witnessed a remarkable 108-day reduction in breach lifecycles compared to those not utilising these technologies. As a result, they experienced significantly lower incident costs. Extensive deployment of security AI and automation resulted in an average cost saving of nearly $1.8 million per data breach, making it the most significant cost-saving factor identified in the report.
Meanwhile, adversaries have managed to decrease the average time required to execute a ransomware attack. Surprisingly, close to 40% of the studied organisations have yet to implement security AI and automation, representing ample opportunities for enhancing detection and response speeds.
The ‘Ransomware Dilemma’
Some organisations examined in the study exhibit reluctance to involve law enforcement during a ransomware attack, fearing it may further complicate the situation. However, for the first time, the IBM report delved deeper into this matter and uncovered evidence to the contrary. Organisations that chose not to engage law enforcement experienced an average breach lifecycle that was 33 days longer compared to those that sought law enforcement’s assistance, and this silence came at a steep cost. The studied ransomware victims who refrained from involving law enforcement ended up paying an average of $470,000 more in breach costs than those who collaborated with authorities.
Despite concerted efforts by law enforcement to collaborate with ransomware victims, 37% of respondents still opted not to seek their help. Furthermore, nearly half (47%) of the examined ransomware victims reportedly decided to pay the ransom. It becomes evident that these misconceptions surrounding ransomware must be discarded. Paying a ransom and avoiding law enforcement could, in fact, lead to increased incident costs and hinder a swift response.
Limited breach self-discovery by security teams
Despite some progress in threat detection and response, there remains room for improvement. IBM’s 2023 Threat Intelligence Index indicates that defenders successfully halted a higher percentage of ransomware attacks in the previous year. However, adversaries continue to exploit vulnerabilities in defence mechanisms, finding ways to evade detection.
The report reveals that merely one in three studied breaches were detected by the organisation’s internal security teams or tools. Conversely, 27% of breaches were disclosed by the attackers themselves, and an additional 40% were disclosed by neutral third parties, such as law enforcement.
The data highlights the importance of early breach detection. Organisations that identified the breach internally incurred almost $1 million less in breach costs ($4.3 million) than organisations whose breaches were disclosed by the attackers ($5.23 million). Moreover, breaches disclosed by attackers had a lifecycle nearly 80 days longer (320 days) than those detected internally (241 days). These significant cost and time savings underscore the value of investing in strategies that prioritise early detection, offering long-term benefits for organisations.
Key insights from the 2023 IBM Report:
Breaching data across environments:
Approximately 40% of data breaches studied resulted in data loss across multiple environments, including public cloud, private cloud, and on-premises setups. Attackers successfully compromised multiple environments while evading detection. Such breaches impacting multiple environments incurred higher breach costs, averaging around $4.75 million.
Soaring costs of Healthcare breaches:
The average costs of studied healthcare breaches reached nearly $11 million in 2023, reflecting a significant 53% increase since 2020. Cybercriminals have been making stolen data more accessible to downstream victims, as reported in the 2023 X-Force Threat Intelligence Report. By leveraging medical records, threat actors exert greater pressure on breached organisations to pay ransoms. Across all industries studied, customer personally identifiable information (PII) emerged as the most commonly breached record type and the costliest.
The DevSecOps advantage:
Organisations across all industries that effectively implemented DevSecOps practices experienced a substantial cost advantage. The global average cost of a data breach for such organisations was nearly $1.7 million lower compared to those with a low level or no use of DevSecOps approaches.
Critical infrastructure breach costs surpass $5 million:
Critical infrastructure organisations under study observed a 4.5% increase in average breach costs compared to the previous year, surging from $4.82 million to $5.04 million. This figure is approximately $590,000 higher than the global average breach cost.
Securing a resilient future: key takeaways from the 2023 Cost of a Data Breach report
In conclusion, the 2023 Cost of a Data Breach Report presents a clear and urgent call to action for organisations worldwide. As breach costs surge to unprecedented levels and cyber threats become increasingly sophisticated, the need to prioritise cybersecurity has never been more crucial. Embracing advanced technologies like AI and automation, collaborating with law enforcement, and implementing DevSecOps practices can significantly improve breach detection, response times, and overall security posture.
By taking proactive measures and staying vigilant in the face of evolving threats, businesses can safeguard their valuable data and protect themselves from the devastating consequences of data breaches. As we move forward in this digital age, the lessons learned from this report serve as a valuable guide to reinforce defences and ensure a more secure future for organisations and their customers.
With the valuable insights from the 2023 Cost of a Data Breach Report, organisations can make informed decisions, allocate resources wisely, and establish a strong security foundation. By working collectively to strengthen cybersecurity practices, businesses can mitigate risks, protect sensitive data, and build trust with their stakeholders.