Join executives from July 26-28 for Transform’s AI & Edge Week. Hear top leaders discuss topics around AL/ML technology, conversational AI, IVA, NLP, Edge and more. Reserve your free pass now!
When it comes to operational challenges, few errors are as costly as data breaches. Just one exploited vulnerability can cause millions of dollars in damage, not only from prior disruption, but also from loss of consumer respect and potential compliance obligations.
Unfortunately, the costs of a data breach are only increasing. Today, IBM Security released its annual “Cost of a Data Breach” report, conducted by Ponemon Institute, which found that the cost of a data breach in 2022 was $4.35 million, a 2.6% increase from the $4 total. 24 million last year.
The study also found that organizations that were victims of cyber-attacks were the main target for follow-up attacks as part of a “haunting effect”, with 83% of organizations surveyed having more than one data breach.
For enterprises, the report highlights the need for new approaches to mitigate the impact of data breaches, especially in light of a growing number of sophisticated attacks, which cannot always be prevented.
Contents
The hostile reality of the threat landscape
As the cost of a data breach continues to rise in a threat landscape of rampant double and triple extortion ransomware attacks and identity-related breaches, it is becoming increasingly clear that traditional approaches to corporate security need to be re-evaluated.
Only in the last week, t-mobile and Twitter discovered firsthand the costs of a data breach, with the former agreeing to pay customers $350 million as part of a post-breach settlement, and the latter faced the negative consequences after a hacker claimed to have accessed data from 5.4 million users .
With the impact of such breaches causing millions of damages, many organizations are making the decision to pass the costs on to consumers as part of an invisible cyber tax. In fact, IBM found that for 60% of organizations, breaches resulted in price increases being passed on to customers.
“What is most striking about this year’s finding is that the financial impact of breaches now extends far beyond the organizations themselves,” said Head of Strategy, IBM Security X-Force, John Hendley.
“The costs trickle down to the consumer. When you consider that two or three companies within a supply chain may have suffered a breach and raised their prices, there is this multiplier effect that ends up hitting the consumer’s wallet. Essentially, we’re now starting to see a hidden “cyber tax” that individuals pay as a result of the growing number of breaches happening today, compounded by the more obvious disruptive effects of cyber-attacks,” Hendley said.
When asked why the cost of data breaches continued to rise, Hendley explained that there are a large number of attacks, but only a limited number of skilled security professionals are available to respond to them.
This is highlighted in the survey where 62% of organizations say they did not have enough staff to meet their security needs.
What are the implications for CISOs and security leaders?
While the report highlights the bleakest of the current threat landscape, it also highlights some promising technologies and methodologies that companies can use to reduce the cost of data breaches.
For example, one of the most promising findings was that organizations with fully deployed security AI and automation can expect to pay $3.05 million less during a data breach, and take the time to identify and contain a breach on average. can be shortened by 74 days.
At the same time, organizations that implement zero trust can expect to pay $1 million less for breaches than those that don’t.
Finally, these organizations have an incident response team and the regularly tested IR plans can reduce costs by $2.66 million.
The mission of VentureBeat is a digital city square for tech decision makers to gain knowledge about transformative business technology and transactions. Learn more about membership.
Janice has been with businesskinda for 5 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider businesskinda team, Janice seeks to understand an audience before creating memorable, persuasive copy.