According to IBM’s latest 2023 Data Breach Report, the average cost of global data breaches in 2023 is expected to reach an all-time high of $4.45 million. The research is based on an examination of 553 real-world data breaches that occurred between March 2022 and March 2023. In 2023, data breach costs will be 15% higher than in the previous three years. In particular, the price of ‘detecting vulnerabilities’ and ‘upgrading hardware’ will increase by 42%, indicating a move towards more complex data breach investigations.
Despite the escalating costs, organizations are using a variety of tactics to deal with data breaches. While 95% of organizations have experienced multiple data breaches, 57% have chosen to pass the cost on to customers rather than bear the burden themselves.
According to IBM’s analysis, aggressive use of artificial intelligence can help reduce the risk of data breaches. Companies that used AI extensively were found to reduce the lifecycle of a data breach by 108 days, saving an average of $1.76 million.
Law enforcement involvement is thought to be useful for companies in dealing with data breaches quickly. Organizations that worked with law enforcement saw their breach lifecycle shortened by an average of 33 days. These organizations also saved an average of $470,000 in compliance costs. Despite this, 37% of ransomware victims in the study decided not to contact law enforcement when targeted by ransomware.
Surprisingly, the organization’s security team detected only 33% of breaches. The remaining 40% of breaches were discovered by impartial third parties, such as law enforcement before the organization was made aware of the intrusion. The attackers discovered a further 27% of breaches.
Organizations that learned of breaches later incurred an average of $1 million more in costs than those that discovered the breaches themselves, and the lifecycle of the breach was approximately 80 days longer.
The paper highlights the growing importance of strong cybersecurity measures, the potential benefits of adopting AI, and the importance of partnering with law enforcement to successfully mitigate the impact of data breaches.
