Rising data breach costs show no signs of slowing down, says IBM


Data breach costs have surged over the last year, new research from IBM shows, with organizations globally experiencing the highest increase in remediation costs since the COVID pandemic.

The tech giant’s Cost of a Data Breach Report studied 604 organizations across 17 industries and 16 countries and regions that had been impacted by a data breach between March 2023 and February 2024.

The research, conducted by Ponemon Institute, included interviews with over 3,000 security professionals with firsthand knowledge of the incidents, covering breaches ranging from 2,100 to 113,000 compromised records.

IBM found the average cost of a data breach jumped to $4.88 million, up from $4.45 million in the previous year’s report, a 10% increase and the largest since the pandemic.

Speaking to ITPro, Sam Hector, global strategy lead at IBM Security, noted one of the primary drivers of this spike was an increase in the scale of business disruption a breach has on an organization.

“There has been a really significant increase in the business disruption that breaches have on an organization. So it’s not just the actual impact of the breach and recovering from it, but often it’s tangential things that happen that are attached to the breach,” he explained.

“If you look at the MGM casinos and resorts hack that happened last year, for example, not only was that bad in terms of the actual impact of the attack, but also the associated business disruption was huge. People couldn’t get into their hotel rooms, restaurants were taking orders on paper.”

Another factor exacerbating data breach costs is widening skills shortages, with more than half of the organizations surveyed by IBM saying they faced “severe” security staffing issues.

IBM found security skills gaps had increased by just over 26% since 2023, and that this corresponded to affected firms incurring, on average, $1.76 million more in recovery costs from a cyber intrusion.

Conversely, one of the more cost-efficient ways businesses can reduce the cost of a data breach is by investing in employee training, which IBM calculated lowered the average breach cost by $258,629.

Data breach costs are paired with longer remediation times 

Another factor increasing the impact of data breaches on firms is the time it takes them to recover, where recovery means business operations are back to normal in the affected areas, any compliance obligations have been met, and customer confidence and employee trust have been restored.

IBM found only 12% of organizations said they fully recovered from their cyber incident, with the majority reporting they were still working towards total recovery.

Hector said even those that had fully recovered reported it took them a significant amount of time, with only 3% of firms able to fully recover in less than 50 days.

“I think the other thing we’re seeing is breaches are getting more difficult to recover from,” he told ITPro. “The average recovery took more than 100 days, quite significantly, and the majority of businesses we interviewed hadn’t recovered from that breach. They were still going through the process of trying to recover.”

Industrial sector hardest hit with data breach costs

One area Hector highlighted where data breaches are particularly costly was the industrial and manufacturing sector. The combination of legacy infrastructure and complex, interwoven supply chains makes recovery far more complicated.

“Those industries are being much more heavily targeted by attackers these days, and when you attack critical infrastructure obviously the knock-on effects to other businesses, to the economy, and to the wider ecosystem around those businesses is huge,” he explained.

“OT [operational technology] means that inherently the environments of industrial organizations are more complex, and when you get additional complexity, it's harder to unwind things when it goes wrong. Not only do they have more complex systems, they also have a higher vulnerability to disruption, and they’re being targeted more, which exacerbates the problem.”

Hector added that he was interested to find the industrial sector was increasingly being targeted by sophisticated, potentially state-sponsored threat groups after intellectual property, citing a 27% year-on-year rise in IP theft.


“Sophisticated attackers, the very highly funded, competent, advanced types of organizations that are malicious, were targeting intellectual property theft a lot more than we’ve ever seen in the past,” Hector noted.

He outlined why he thinks firms in the sector, in particular, are struggling to deal with this increased attention from cyber criminals, suggesting the shift to hybrid cloud has not been easy for industrial organizations with a larger number of legacy systems.

“The reason for that is that industrial firms have sensitive intellectual property and a competitive advantage to protect in terms of what they produce and how they produce it. What they’re struggling with is that data is proliferating across a hybrid cloud.”

“It used to be very neatly contained. Even if it was a complex system it would normally be on premise. But these days, most firms are using multiple cloud providers, SaaS applications, and so keeping track of all that sensitive intellectual property becomes even more difficult.”

Solomon Klappholz
Staff Writer

Solomon Klappholz is a Staff Writer at ITPro. He has experience writing about the technologies that facilitate industrial manufacturing which led to him developing a particular interest in IT regulation, industrial infrastructure applications, and machine learning.
