Unsurprisingly, the annual IBM Cost of Data Breach report finds that the average damage per incident is up by a notable amount. But it also finds some light at the end of the tunnel, with automation and AI and machine learning tools delivering substantial savings. Early law enforcement involvement also cuts into the average breach cost considerably.
The average cost of a data breach spiked 10% to $4.88 million, and that number jumps to $5.17 million when stolen data was found in public cloud storage. However, organizations are finding that expenses are heavily back-loaded to the recovery process and see an average savings of $2.2 million when they have AI or automation defense tools in place. Another $1 million average savings comes from involving law enforcement, which has improved its ability to track down perpetrators and provide remediation tools such as decryption keys.
AI race thus far leaning toward defenders
Though it is not an apples-to-apples comparison, the “AI arms race” between attackers and defenders seems to be leaning toward the side of the good guys thus far. Criminal utilization of generative AI chatbots continues to mostly be limited to polishing communications in non-native languages, a helpful boost to phishing campaigns but far from the apocalyptic possibilities involving generated custom malware. At the moment, machine learning defensive tools seem much more useful in detecting anomalous activity and containing suspected breaches before they can become too damaging.
The Cost of Data Breach report indicates that expected recovery times are still uncomfortably close to a full year, but organizations that have implemented these defensive measures are shaving about 98 days (or nearly half) off that period. These tools are also helping to boost initial in-house discovery of breaches, which now happens more often than an uncomfortable warning from a third-party researcher (or the criminals themselves).
Costs continue to trend up as 70% of organizations report “significant” or “very significant” fallout from an incident, but the majority of this comes from business interruption, recovery bills, lost customers and fines after the fact. The industrial sector saw the biggest increase in average cost, at $830,000, but the health care industry still reports individual incidents that are hitting the hardest of all.
“Shadow data” now tracked by Cost of Data Breach report
The 2024 Cost of Data Breach report has several new elements, one of which is the tracking of “shadow data” involved in breach incidents. Of the 604 organizations that were surveyed and reported some kind of breach in 2023-2024, over a third had at least some amount of shadow data involved in the attack. When it is involved, it tends to add to the recovery time and increase costs by about 16%.
What is “shadow data” exactly? It’s all of the data that an organization’s IT team needs to protect but has lost visibility into. This is often because employees have moved it somewhere it shouldn’t be, but sometimes authorized moves to cloud sources inadvertently break the security team’s line of sight to it. Continuing challenges in reaching full staffing are contributing to the issue, as the Cost of Data Breach report finds that the cybersecurity “skills gap” has expanded by 26% in just a year and that understaffing adds an average of $1.6 million to breach costs.
Though the 10% jump in data breach costs is the largest since the spike created by the Covid-19 pandemic, the number might actually be higher than the study is able to fully measure. Most of the surveyed organizations said that they are passing on breach costs to consumers in an environment already strained by inflation, creating the risk that those consumers reduce their spending or turn away entirely in response.