Average cost of data breach hits record high

IBM Security released its annual cost of data breach report, showing that the global average cost of a data breach will reach $4.45 million in 2023, a record high for the report and a 15% increase over the past 3 years.

Detection and escalation costs jumped 42 percent over the same time period, accounting for the highest portion of breach costs and signaling a shift to more complex breach investigations.

According to a 2023 IBM report, enterprises are divided on how they plan to deal with the increasing cost and frequency of data breaches. The study found that while 95 percent of the organizations studied had experienced more than one breach, organizations that were breached were more likely to pass the cost of the incident on to consumers (57 percent) than increase their security investment (51 percent).

The 2023 Cost of a Data Breach Report is based on an in-depth analysis of real data breaches experienced by 553 organizations around the world between March 2022 and March 2023.

The research, sponsored and analyzed by IBM Security, was conducted by the Ponemon Institute and has been published continuously for 18 years.

Some key findings from the 2023 IBM report include:

AI Accelerates Speed: AI and automation had the greatest impact on the speed at which the organizations studied identified and contained breaches. Organizations that made extensive use of artificial intelligence and automation experienced a 108-day reduction in the data breach lifecycle compared to organizations in the study that did not deploy these technologies (214 days vs. 322 days, respectively).

Cost of Silence: Ransomware victims who involved law enforcement saved an average of $470,000 in breach costs compared to ransomware victims who chose not to involve law enforcement. Despite these potential savings, 37 percent of the ransomware victims studied did not involve law enforcement.

Detection gap: Only one-third of the breaches studied were detected by the organization's own security teams, compared to 27 percent disclosed by attackers. Data breaches disclosed by attackers cost an average of nearly $1 million more than breaches that the organizations studied discovered themselves.

For defenders and attackers alike, time is the new currency in cybersecurity. As the report shows, early detection and rapid response can significantly reduce the impact of a breach.

Security teams must focus on where adversaries are most successful and concentrate on stopping them before they achieve their goals. Investing in threat detection and response methods that increase the speed and efficiency of defenders, such as artificial intelligence and automation, is critical to changing this balance.

Every second has to pay

According to the 2023 report, organizations in the study that fully deployed security AI and automation experienced an average 108-day reduction in data breach lifecycle and significantly lower incident costs compared to organizations that did not deploy these technologies.

In fact, organizations in the study that broadly deployed security AI and automation saw an average reduction in data breach costs of nearly $1.8 million compared to organizations that did not deploy these technologies, the largest cost saver identified in the report.

At the same time, attackers also reduced the average time to complete a ransomware attack. With nearly 40 percent of the organizations studied yet to deploy security AI and automation, there is still considerable opportunity for organizations to improve detection and response speed.

Ransomware "discount codes"

Some of the organizations studied remain wary of engaging with law enforcement during a ransomware attack, as they believe it will only complicate the situation. This year, the IBM report took a closer look at the question for the first time and found evidence to the contrary.

Participating organizations that did not involve law enforcement had a data breach lifecycle that averaged 33 days longer than those that did, and this silence comes at a price. The research shows that ransomware victims who did not involve law enforcement paid an average of $470,000 more in breach costs than victims who did.

Despite law enforcement's ongoing efforts to cooperate with ransomware victims, 37 percent of respondents still choose not to bring them in. Additionally, nearly half (47%) of ransomware victims reportedly paid the ransom. Clearly, organizations should let go of these misconceptions about ransomware. Paying the ransom and evading law enforcement may only increase the cost of the incident and slow down the response.

Security teams rarely find breaches on their own

Threat detection and response has made some progress. According to IBM's 2023 Threat Intelligence Index, defenders prevented a higher percentage of ransomware attacks last year. However, adversaries are still finding ways to break through holes in their defenses.

The report found that only one-third of the breaches studied were detected by an organization's own security team or tools, while 27 percent were disclosed by attackers and 40 percent by neutral third parties such as law enforcement.

Breaches disclosed by the attacker cost nearly $1 million more than breaches that the organizations studied discovered themselves ($5.23 million vs. $4.3 million).

Breaches disclosed by attackers also had a lifecycle nearly 80 days longer than breaches discovered internally (320 days vs. 241 days). Early detection can save significant cost and time, suggesting that investing in these strategies can pay off in the long run.

Other findings from the 2023 IBM report include:

Data breaches across environments: Nearly 40% of data breaches studied resulted in data loss across multiple environments, including public cloud, private cloud, and on-premises, demonstrating that attackers are able to compromise multiple environments while avoiding detection. The study found that data breaches that affected multiple environments also resulted in higher breach costs ($4.75 million on average).

Costs of healthcare breaches continue to soar: The average cost of a healthcare breach studied will reach nearly $11 million in 2023, a 53% price increase since 2020. According to the 2023 X-Force Threat Intelligence Report, threat actors are using medical records as leverage to increase the pressure on targeted organizations to pay ransoms. In fact, across all industries studied, personally identifiable customer information was the most commonly compromised type of record, as well as being the most costly.

The DevSecOps Advantage: A study of organizations with high levels of DevSecOps across all industries found that the average global cost of a data breach was nearly $1.7 million lower than those with low/no DevSecOps approaches.

Critical infrastructure breach costs exceed $5 million: Compared to last year, the average cost of a breach for the critical infrastructure organizations studied rose 4.5%, from $4.82 million to $5.04 million, $590,000 more than the global average.

Origin blog.csdn.net/qq_29607687/article/details/132073585