Data breach costs rose to $4.45 million per incident in 2023, IBM found in its annual Cost of a Data Breach report. Customer and employee personal identifiable information was the most commonly breached type of data in 2023 and was involved in 52% of all breaches reported.
- Average data breach cost rose to $4.45 million per incident
- Cloud data is involved in most breaches
- Trickle-down costs decrease slightly
- How business leaders can avoid data breaches
- Survey methodology
Average data breach cost rose to $4.45 million per incident
Data breach costs rose to $4.45 million per incident in 2023, up 2.3% from $4.35 million in 2022. Overall, the average cost has increased 15.3% from the $3.86 million average in 2020.
In addition, one in three companies discovered a data breach themselves, as opposed to 67% of breaches reported by a third party or by the attackers.
Last year, IBM saw detection and escalation costs increase, indicating that it was taking longer to investigate breaches. On average, it took 277 days for organizations to detect a breach and return to normal service. This trend has continued in 2023, with the costs of detection and evaluation rising 9.7% to $1.58 million. Lost business cost dropped the most, by 8.5% to $1.30 million.
Cost was calculated using four areas of financial impact:
- Detection and escalation.
- Post-breach response.
- Lost business.
In the U.S., the average cost of a data breach was $9.48 million, which was the highest globally. The U.K. saw a 16.6% drop in cost from $5.05 million to $4.21 million.
Cloud data is involved in most breaches
The way in which an organization distributed data across its cloud environments was found to make a difference: 82% of breaches involved data stored in public, private or a combination of multiple clouds. In 39% of cases, breaches crossed multiple cloud environments and ran a higher-than-average penalty of $4.75 million.
SEE: Explore 10 ways to improve your data security (TechRepublic)
Trickle-down costs decrease slightly
Customers may feel the impact of data breaches. A slight majority (57%) of organizations increased the prices of their business offerings after a data breach — down slightly from 60% in 2022.
How business leaders can avoid data breaches
IBM recommended the following tips for business leaders trying to prevent data breaches.
Build security into all stages of development
Business leaders should keep in mind the importance of providing resources to help developers work under secure-by-design principles, making sure security comes into play in the initial design phase of major technology changes.
App developers who build cloud-native applications can reduce attack surfaces and bolster user privacy in the cloud. Building security into applications during development will also help organizations keep up to date with regulations, IBM said.
Keep an eye on your hybrid cloud
Organizations should be sure they have strong encryption, data security and data access policies when storing data across multicloud and hybrid cloud environments. Organizations would be well-served by looking into data security and compliance tools that can protect data as it moves.
In addition, data activity-monitoring solutions can help security teams gain insight into their data stores and enforce policies automatically. IBM recommended data security posture management, which is a newer service that can identify vulnerable data across structured and unstructured assets within cloud service providers, software-as-a-service properties and data lakes.
Consider how AI and automation make a difference
AI is trendy right now, but it has proven itself in the numbers, IBM found. Companies using extensive security AI and automation were found to have a $1.76 million lower data breach cost on average, as well as a 108-day shorter time to identify and contain the breach.
Security tool sets that can benefit from AI and automation include:
- Threat detection and response tools.
- Data security and identity solutions to detect suspicious behaviors.
IBM also noted that it’s important to use a trusted service that will not introduce bias or blind spots.
“It’s crucial to ensure that the data used to train the AI models is widely diverse and void of bias–that the models are transparent, explainable, and free from drift; and that they are trained continuously–the same way continuous learning is essential for humans,” said Sridhar Muppidi, CTO, IBM Security, in an email to TechRepublic. He pointed out three important elements to keep in mind when choosing an an AI-enhanced or automated security solution:
- Focus on the outcomes delivered by AI vs. the technology—
specifically, a quantifiable way to improve detection accuracy or response speed.
- Put the proper guardrails and context in place to drive fast and reliable outcomes.
- Consider operational aspects like performance, scalability, and resiliency.
Generative AI in particular is too new for anyone to be certain what the impact on security will be overall, Muppidi said. However, he anticipates it is “poised to give a substantial edge to our ability to detect accurately and respond faster to breaches.”
“When you look at the mean time to detect and contain a data breach, [generative] AI will become a force multiplier for both stages, to optimize threat operations and analyst’s time,” he said.
Focus on incident response
A dedicated incident response team or partner can make a big difference. Organizations with mature, high levels of incident response had on average $1.49 million lower data breach costs, compared to organizations with low levels or none, and resolved incidents 54 days faster.
For an added layer of security, network segmentation complements diligent incident response well. Incident response can also be boosted by training security teams on simulated breach scenarios or penetration testing.
51% of survey respondents said they planned to increase security investments after a breach. Incident response, planning and testing, employee training, and threat detection and response technologies were the most desirable areas for additional investment.
SEE: TechRepublic Premium’s Incident Response Policy
The annual Cost of a Data Breach report was written in partnership with the Ponemon Institute. Respondents came from 553 organizations across 16 countries and geographic regions and 17 industries. All of the surveyed organizations were hit by data breaches between March 2022 and March 2023. Information was collected through 3,475 interviews with IT, compliance and information security practitioners from those organizations.
Subscribe to the Cybersecurity Insider Newsletter
Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays