Companies and organizations that experience a data breach spend an average of $4.45 million to fix the problem. However, there are other reasons for most parties to increase their budget for cyber security. In fact, a majority pass on the costs of the incident to customers and consumers.
This is stated in the report’ Cost of a Data Breach. Report 2023′ from IBM. The research was conducted by the Penomon Institute, which has been doing this for 18 years in a row. Researchers analyzed data breaches at 553 companies and organizations worldwide.
Half increase investments in cybersecurity after data breach
The cost of a data breach increased by 15 per cent in the past three years compared to three years ago. Discovery and scale-up costs increased 42 per cent over the same period. This explains why companies and organizations will lose an average of 4.45 million dollars (more than 4 million euros) in 2023 if a data breach occurs.
Of the organizations surveyed, 95 per cent say they have had to deal with a data breach several times. This is the reason to increase the cybersecurity, information security and digital resilience budget. Nothing could be further from the truth. Half of the companies surveyed (51%) say they increase their investments if a data breach occurs. A majority (57 per cent) say they pass on the costs of such an incident to their customers.
Organizations themselves do not discover most data breaches
Another conclusion is that only one-third of the data breaches investigated were discovered by IT employees of the company itself. Hackers announced a quarter of the leaks (27 per cent). If attackers report the leak, the victim will lose an average of almost one million dollars more. About 40 per cent of data breaches last year were discovered by an independent third party, such as the police, intelligence service or cybersecurity agency.
Another way to save money in a data breach is to call the police. This saved victims an average of 470,000 dollars, which is about 425,000 euros. About a per cent of the companies surveyed (37 per cent) reported the leak to the police. Nearly half of those surveyed (47 per cent) paid ransom to the perpetrators.
Artificial intelligence significantly reduces lead time
Early detection and rapid response can significantly reduce the impact of a cyberattack, said Chris McCurdy, general manager of IBM Security Services. In his view, artificial intelligence (AI) can help with this.”Security teams need to focus on where cybercriminals are most successful and concentrate their efforts on stopping cyberattacks before they reach their target. Investments in risk detection and response methods that increase speed and efficiency – such as AI and automation – are crucial to turn the tide,” said the CEO.
According to the researchers, companies and organizations that use AI and automation significantly reduce the lead time of a data breach. The time to deal with a leak then drops from an average of 322 days to 214 days. In addition, the investment resulted in cost savings of an average of $1.8 million.