STOCK TITAN

IBM Report: Escalating Data Breach Disruption Pushes Costs to New Highs

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Negative)
Tags

IBM's 2024 Cost of a Data Breach Report reveals a significant increase in global average breach costs, reaching $4.88 million, up 10% from the previous year. Key findings include:

1. 70% of breached organizations reported significant disruption.
2. Security staffing shortages led to $1.76 million higher breach costs.
3. AI and automation in security reduced breach costs by $2.2 million on average.
4. 40% of breaches involved data stored across multiple environments.
5. Intellectual property theft increased by 27%.
6. The average data breach lifecycle decreased to 258 days.

The report emphasizes the growing importance of AI-driven defenses and addressing risks associated with generative AI in cybersecurity.

Il rapporto sui costi di una violazione dei dati 2024 di IBM mostra un aumento significativo dei costi medi globali, che raggiungono $4,88 milioni, con un incremento del 10% rispetto all'anno precedente. Tra i principali risultati si evidenziano:

1. 70% delle organizzazioni violate ha segnalato una significativa interruzione.
2. La carenza di personale in ambito sicurezza ha portato a costi di violazione superiore di $1,76 milioni.
3. L’utilizzo di intelligenza artificiale e automazione nella sicurezza ha ridotto i costi di violazione in media di $2,2 milioni.
4. 40% delle violazioni ha coinvolto dati memorizzati in ambienti diversi.
5. Il furto di proprietà intellettuale è aumentato del 27%.
6. Il ciclo di vita medio di una violazione dei dati è diminuito a 258 giorni.

Il rapporto sottolinea l'importanza crescente delle difese basate su intelligenza artificiale e di affrontare i rischi associati all'AI generativa nella cybersicurezza.

El informe de IBM sobre el costo de una violación de datos de 2024 revela un aumento significativo en los costos promedio de las violaciones a nivel mundial, alcanzando $4.88 millones, un 10% más que el año anterior. Los hallazgos clave incluyen:

1. 70% de las organizaciones que sufrieron violaciones reportaron una interrupción significativa.
2. La falta de personal de seguridad llevó a un aumento en los costos de violación de $1.76 millones.
3. La inteligencia artificial y la automatización en seguridad redujeron los costos de violación en $2.2 millones en promedio.
4. 40% de las violaciones involucraron datos almacenados en múltiples entornos.
5. El robo de propiedad intelectual aumentó un 27%.
6. El ciclo de vida promedio de una violación de datos se redujo a 258 días.

El informe enfatiza la creciente importancia de las defensas impulsadas por IA y la necesidad de abordar los riesgos asociados con la IA generativa en la ciberseguridad.

IBM의 2024 데이터 유출 비용 보고서는 글로벌 평균 유출 비용이 $4.88 백만 달러로 증가하여 지난해보다 10% 상승했음을 보여줍니다. 주요 발견 사항은 다음과 같습니다:

1. 70%의 유출된 조직이 심각한 중단을 보고했습니다.
2. 보안 인력 부족으로 인해 유출 비용이 $1.76 백만 증가했습니다.
3. 보안 분야에서 AI 및 자동화의 활용으로 평균 $2.2 백만의 유출 비용이 감소했습니다.
4. 40%의 유출 사건이 여러 환경에 저장된 데이터와 관련이 있었습니다.
5. 지적 재산권 도난이 27% 증가했습니다.
6. 평균 데이터 유출 주기가 258일로 줄어들었습니다.

이 보고서는 AI 기반 방어의 중요성과 사이버 보안에서 생성형 AI와 관련된 위험을 다루는 것의 중요성을 강조합니다.

Le rapport d'IBM sur le coût d'une violation de données en 2024 révèle une augmentation significative des coûts moyens globaux des violations, atteignant 4,88 millions de dollars, soit une hausse de 10% par rapport à l'année précédente. Les principales conclusions incluent :

1. 70% des organisations touchées ont signalé des perturbations significatives.
2. Les pénuries de personnel en sécurité ont entraîné des coûts de violation plus élevés de 1,76 million de dollars.
3. L'intelligence artificielle et l'automatisation dans la sécurité ont réduit les coûts de violation d'environ 2,2 millions de dollars en moyenne.
4. 40% des violations concernaient des données stockées dans plusieurs environnements.
5. Le vol de propriété intellectuelle a augmenté de 27%.
6. Le cycle de vie moyen d'une violation de données a été réduit à 258 jours.

Le rapport souligne l'importance croissante des défenses basées sur l'IA et la nécessité de traiter les risques associés à l'IA générative dans la cybersécurité.

Der Bericht von IBM über die Kosten eines Datenlecks 2024 zeigt einen signifikanten Anstieg der globalen Durchschnittskosten für Datenverletzungen auf 4,88 Millionen Dollar, was einem Anstieg von 10% im Vergleich zum Vorjahr entspricht. Zu den wichtigsten Erkenntnissen gehören:

1. 70% der betroffenen Organisationen berichteten von erheblichen Störungen.
2. Mangel an Sicherheitspersonal führte zu höheren Kosten für Datenverletzungen von 1,76 Millionen Dollar.
3. KI und Automatisierung im Sicherheitsbereich haben die Kosten für Datenverletzungen im Durchschnitt um 2,2 Millionen Dollar gesenkt.
4. 40% der Datenverletzungen beinhalteten Daten, die in mehreren Umgebungen gespeichert waren.
5. Der Diebstahl von geistigem Eigentum stieg um 27%.
6. Der durchschnittliche Lebenszyklus einer Datenverletzung sank auf 258 Tage.

Der Bericht hebt die wachsende Bedeutung von KI-gestützten Verteidigungen und die Notwendigkeit hervor, die mit generativer KI in der Cybersicherheit verbundenen Risiken anzugehen.

Positive
  • Organizations using AI and automation extensively in security operations saved $2.2 million in breach costs
  • 67% of organizations deployed security AI and automation, a 10% increase from the previous year
  • Internal breach detection improved, shortening the data breach lifecycle by 61 days and saving nearly $1 million in costs
  • 63% of organizations plan to increase security budgets, up from 51% last year
  • The average data breach lifecycle hit a 7-year low of 258 days, down from 277 days the prior year
Negative
  • Global average cost of a data breach increased by 10% to $4.88 million
  • 70% of breached organizations reported significant or very significant disruption
  • Organizations with severe staffing shortages faced $1.76 million higher breach costs
  • Intellectual property theft increased by 27%, with costs per stolen record up 11% to $173
  • 40% of breaches involved data stored across multiple environments, increasing complexity and costs
  • 63% of organizations stated they would increase the cost of goods or services due to breaches

Insights

The IBM Cost of a Data Breach Report reveals alarming trends in cybersecurity that should concern investors and businesses alike. The global average cost of a data breach has surged to $4.88 million, marking a 10% increase from the previous year. This significant jump underscores the growing financial risks associated with cybersecurity failures.

Several key factors contribute to this cost escalation:

  • Increased disruption: 70% of breached organizations reported significant or very significant disruption.
  • Staffing shortages: Organizations with severe staffing issues faced $1.76 million higher breach costs.
  • Data visibility gaps: 40% of breaches involved data stored across multiple environments, leading to higher costs and longer detection times.

On a positive note, the adoption of AI and automation in security operations is showing promising results. Organizations extensively using these technologies saw an average cost savings of $2.2 million per breach. This highlights the potential for AI to be a game-changer in cybersecurity strategies.

For investors, these findings suggest a growing market for advanced cybersecurity solutions, particularly those leveraging AI. Companies that can effectively address staffing shortages and improve data visibility across complex environments may gain a competitive edge in this increasingly critical sector.

The latest IBM Cost of a Data Breach Report presents significant financial implications for businesses and investors. The average cost of a data breach reaching $4.88 million represents a substantial financial risk that companies must factor into their operational strategies and risk management practices.

Key financial considerations include:

  • Increased operational costs: 63% of organizations plan to raise prices of goods or services to offset breach costs, potentially impacting consumer demand and market competitiveness.
  • Rising security budgets: 63% of organizations plan to increase security spending, up from 51% last year. This trend could benefit cybersecurity vendors but may pressure margins for companies across other sectors.
  • Sector-specific risks: Healthcare organizations face the highest average breach costs at $9.77 million, followed by financial services, industrial, technology and energy sectors. Investors should be particularly vigilant about cybersecurity risks in these industries.

The report also highlights a potential silver lining: extensive use of AI and automation in security operations could save companies an average of $2.2 million per breach. This suggests that strategic investments in advanced cybersecurity technologies could yield significant returns in risk mitigation and cost savings.

For investors, these findings underscore the importance of evaluating a company's cybersecurity posture and investments as part of the overall financial health assessment. Companies demonstrating robust cybersecurity practices and strategic investments in AI-driven security solutions may be better positioned to mitigate financial risks associated with data breaches.

The IBM Cost of a Data Breach Report highlights several critical technology trends that are reshaping the cybersecurity landscape. These trends have significant implications for both businesses and technology investors:

  • AI and Automation Adoption: 67% of organizations now deploy security AI and automation, a 10% increase from the previous year. This rapid adoption is driven by the technology's effectiveness in reducing breach costs and detection times.
  • Generative AI: 20% of organizations are already using some form of generative AI security tools. This early adoption signals a growing market for AI-powered security solutions.
  • Multi-Environment Data Storage: With 40% of breaches involving data stored across multiple environments, there's an increasing need for comprehensive security solutions that can protect data across diverse infrastructures.
  • Shadow Data: Over one-third of breaches involved shadow data, highlighting the growing challenge of managing and securing data in unmanaged sources.

The report also points to emerging risks associated with generative AI adoption, with 51% of business leaders concerned about unpredictable risks and new security vulnerabilities. This suggests a potential market for specialized AI security solutions.

For technology investors, these trends indicate growing opportunities in:

  • Advanced AI-driven security platforms
  • Multi-environment data protection solutions
  • Shadow data discovery and management tools
  • AI-specific security measures

Companies at the forefront of developing these technologies may be well-positioned for growth as organizations increasingly prioritize advanced cybersecurity measures to combat rising breach costs and complexities.

Intellectual property theft spiked; More than one-third of breaches involved shadow data

Yet use of AI/Automation cut breach costs by $1.88 million

CAMBRIDGE, Mass., July 30, 2024 /PRNewswire/ -- IBM (NYSE: IBM) today released its annual Cost of a Data Breach Report revealing the global average cost of a data breach reached $4.88 million in 2024, as breaches grow more disruptive and further expand demands on cyber teams. Breach costs increased 10% from the prior year, the largest yearly jump since the pandemic, as 70% of breached organizations reported that the breach caused significant or very significant disruption.

Lost business and post-breach customer and third-party response costs drove the year-over-year cost spike, as the collateral damage from data breaches has only intensified. The disruptive effects data breaches are having on businesses are not only driving up costs, but are also extending the after-effect of a breach, with recovery taking more than 100 days for most of the small number (12%) of breached organizations that were able to fully recover.

The 2024 Cost of a Data Breach Report is based on an in-depth analysis of real-world data breaches experienced by 604 organizations globally between March 2023 and February 2024. The research, conducted by Ponemon Institute, and sponsored and analyzed by IBM, has been published for 19 consecutive years and has studied the breaches of more than 6,000 organizations, becoming an industry benchmark.  

Some key findings in the 2024 IBM report include:

  • Understaffed Security Teams – More organizations faced severe staffing shortages compared to the prior year (26% increase) and observed an average of $1.76 million in higher breach costs than those with low level or no security staffing issues.
  • AI-Powered Prevention Pays Off – Two out of three organizations studied are deploying security AI and automation across their security operation center (SOC). When these technologies were used extensively across prevention workflows organizations incurred an average $2.2 million less in breach costs, compared to those with no use in these workflows – the largest cost savings revealed in the 2024 report.
  • Data Visibility Gaps – Forty percent of breaches involved data stored across multiple environments including public cloud, private cloud, and on-prem. These breaches cost more than $5 million on average and took the longest to identify and contain (283 days).

"Businesses are caught in a continuous cycle of breaches, containment and fallout response. This cycle now often includes investments in strengthening security defenses and passing breach expenses on to consumers – making security the new cost of doing business," said Kevin Skapinetz, Vice President, Strategy and Product Design, IBM Security. "As generative AI rapidly permeates businesses, expanding the attack surface, these expenses will soon become unsustainable, compelling business to reassess security measures and response strategies. To get ahead, businesses should invest in new AI-driven defenses and develop the skills needed to address the emerging risks and opportunities presented by generative AI."

Security staffing shortages drove up breach costs
More than half of the organizations studied had severe or high-level staffing shortages last year and experienced significantly higher breach costs as a result ($5.74 million for high levels vs. $3.98 million for low levels or none). This comes at a time when organizations are racing to adopt generative AI (gen AI) technologies, which are expected to introduce new risks for security teams. In fact, according to a study from the IBM Institute for Business Value, 51% of business leaders surveyed were concerned with unpredictable risks and new security vulnerabilities arising, and 47% were concerned with new attacks targeting AI.

Mounting staffing challenges may soon see relief, as more organizations stated that they are planning to increase security budgets compared to last year (63% vs. 51%), and employee training emerged as a top planned investment area. Organizations also plan to invest in incident response planning and testing, threat detection and response technologies (e.g., SIEM, SOAR and EDR), identity and access management and data security protection tools.  

Hacking the clock with AI
The report found that 67% of organizations deployed security AI and automation – a near 10% jump from the prior year – and 20% stated they used some form of gen AI security tools. Organizations that employed security AI and automation extensively detected and contained an incident, on average, 98 days faster than organizations not using these technologies. At the same time, the global average data breach lifecycle hit a 7-year low of 258 days – down from 277 days the prior year and revealing that these technologies may be helping put time back on defenders' side by improving threat mitigation and remediation activities.

Shorter breach lifecycles can also be attributed to the increase in internal detection: 42% of breaches were detected by an organization's own security team or tools compared to 33% the prior year. Internal detection shortened the data breach lifecycle by 61 days and saved organizations nearly $1 million in breach costs compared to those disclosed by an attacker.

Data insecurities fuel intellectual property theft
According to the 2024 report, 40% of breaches involved data stored across multiple environments and more than one-third of breaches involved shadow data (data stored in unmanaged data sources), highlighting the growing challenge with tracking and safeguarding data.

These data visibility gaps contributed to the sharp rise (27%) in intellectual property (IP) theft. Costs associated with these stolen records also jumped nearly 11% from the prior year to $173 per record. IP may grow even more accessible as gen AI initiatives push this data and other highly proprietary data closer to the surface. With critical data becoming more dynamic and active across environments, businesses will need to reassess the security and access controls surrounding it.

Other key findings in the 2024 Cost of a Data Breach Report include:

  • Stolen credentials topped initial attack vectors – At 16%, stolen/compromised credentials was the most common initial attack vector. These breaches also took the longest to identity and contain at nearly 10 months.
  • Fewer ransoms paid when law enforcement is engaged – By bringing in law enforcement, ransomware victims saved on average nearly $1 million in breach costs compared to those who didn't – that savings excludes the ransom payment for those that paid. Most ransomware victims (63%) who involved law enforcement were also able to avoid paying a ransom.
  • Critical infrastructure organizations see highest breach costs - Healthcare, financial services, industrial, technology and energy organizations incurred the highest breach costs across industries. For the 14th year in a row, healthcare participants saw the costliest breaches across industries with average breach costs reaching $9.77 million.
  • Breach costs passed to consumers - Sixty-three percent of organizations stated they would increase the cost of goods or services because of the breach this year – a slight increase from last year (57%) – this marks the third consecutive year that the majority of studied organizations stated they would take this action.

Additional Sources

  • Download a copy of the 2024 Cost of a Data Breach Report.
  • Sign up for the 2024 IBM Security Cost of a Data Breach webinar on Tuesday, August 13, 2024, at 11:00 a.m. ET.
  • Read more about the report's top findings in this IBM Security Intelligence blog.

About IBM
IBM is a leading provider of global hybrid cloud and AI, and consulting expertise. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. More than 4,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM's hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM's breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and consulting deliver open and flexible options to our clients. All of this is backed by IBM's long-standing commitment to trust, transparency, responsibility, inclusivity and service. Visit ibm.com for more information.

Media Contact:
Georgia Prassinos
IBM
gprassinos@ibm.com

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/ibm-report-escalating-data-breach-disruption-pushes-costs-to-new-highs-302209290.html

SOURCE IBM

FAQ

What is the global average cost of a data breach in 2024 according to IBM's report?

According to IBM's 2024 Cost of a Data Breach Report, the global average cost of a data breach reached $4.88 million in 2024, a 10% increase from the previous year.

How does the use of AI and automation affect data breach costs for IBM (NYSE: IBM) customers?

IBM's report shows that organizations using AI and automation extensively in their security operations incurred $2.2 million less in breach costs compared to those not using these technologies.

What percentage of organizations experienced data breaches involving multiple environments in IBM's 2024 report?

IBM's 2024 Cost of a Data Breach Report found that 40% of breaches involved data stored across multiple environments, including public cloud, private cloud, and on-premises systems.

How has the average data breach lifecycle changed in 2024 according to IBM's study?

IBM's 2024 report reveals that the global average data breach lifecycle hit a 7-year low of 258 days, down from 277 days in the previous year.

What was the most common initial attack vector for data breaches in IBM's 2024 report?

According to IBM's 2024 Cost of a Data Breach Report, stolen or compromised credentials were the most common initial attack vector, accounting for 16% of breaches.

International Business Machines Corporation

NYSE:IBM

IBM Rankings

IBM Latest News

IBM Stock Data

189.93B
918.60M
0.12%
61.77%
2.56%
Information Technology Services
Computer & Office Equipment
Link
United States of America
ARMONK