In a stark reminder of the escalating threats facing organisations worldwide, IBM’s latest Cost of a Data Breach Report reveals that the global average cost of a data breach has surged to 4.88 million US dollars in 2024, reflecting a significant 10 per cent increase from the previous year.
This record-setting spike underscores the severe financial and operational impacts of data breaches, driven by extensive disruptions and prolonged recovery periods. The report, based on an in-depth analysis of real-world breaches experienced by 604 organisations globally, highlights critical challenges in cybersecurity, data governance, and the adoption of advanced technologies like AI and automation.
The report highlights the disruptive impact of data breaches, with 70 per cent of breached organisations reporting significant disruptions. This collateral damage has extended recovery periods, with over 100 days needed for most organisations to recover fully. Security teams are also facing severe staffing shortages, with a 26 per cent increase in organisations experiencing high-level security staffing issues. These understaffed teams saw breach costs 1.76 million US dollars higher than those with adequate staffing.
One of the key findings of the report is the substantial cost savings achieved through the deployment of security AI and automation. Organisations that extensively utilised these technologies saved an average of 2.2 million US dollars in breach costs compared to those without AI and automation. These tools helped organisations detect and contain breaches an average of 98 days faster, reducing the global average data breach lifecycle to a seven-year low of 258 days.
Data visibility gaps have also been identified as a significant issue, with 40 per cent of breaches involving data stored across multiple environments, including public cloud, private cloud, and on-premises systems.
These breaches, costing over five million US dollars on average, took the longest to identify and contain, averaging 283 days. Intellectual property (IP) theft has seen a sharp rise, with 27 per cent more breaches involving stolen IP records. The cost of these breaches has also jumped nearly 11 per cent from the previous year to 173 US dollars per record. Shadow data, or data stored in unmanaged sources, contributed to over one-third of breaches, complicating data tracking and protection efforts.
Ransomware attacks continue to pose significant challenges, but the report found that involving law enforcement during these incidents can significantly reduce breach costs. Organisations that involved law enforcement saved nearly one million US dollars on average, excluding the cost of any ransom paid. Most organizations involving law enforcement (63%) were able to avoid paying a ransom.
Cost of data breaches by country or region
The report provides detailed insights into the cost of data breaches across different countries and regions. The United States led the world with the highest average data breach cost at 9.36 million US dollars, followed by the Middle East at 8.75 million US dollars, Benelux at 5.90 million US dollars, Germany at 5.31 million US dollars, and Italy at 4.73 million US dollars. Notably, Canada and Japan saw average costs drop, while Italy and the Middle East experienced significant increases.
For countries in emerging Europe, the findings of this report are particularly relevant. As these nations continue to integrate into the global digital economy, they face increasing cyber threats. The high costs of data breaches highlighted in the report serve as a warning for organisations in emerging Europe to prioritise cybersecurity investments and adopt advanced technologies like AI and automation to protect their growing digital infrastructures and avoid severe financial repercussions.
Emerging Europe: Building resilience in the digital age
Emerging Europe must build strong cybersecurity frameworks as digital transformation accelerates. Nations in this region need to address staffing shortages and invest in AI-driven security solutions to mitigate risks. The legal and regulatory environments in these countries must also evolve to better manage and respond to data breaches, ensuring compliance with international standards and protecting the burgeoning digital economy.
As these countries embrace digital transformation, they must prioritise robust cybersecurity measures to safeguard their digital assets and economic growth. Investing in AI-driven security solutions can significantly enhance their ability to detect and respond to threats swiftly, reducing the potential damage and costs associated with breaches.
Addressing the cybersecurity skills gap is essential. Governments and organisations should focus on developing a skilled cybersecurity workforce through education, training, and international collaboration. By strengthening their cybersecurity talent pool, these countries can better protect against sophisticated cyber threats that accompany digital advancement.
Legal and regulatory frameworks in emerging Europe must also adapt to the evolving threat landscape. Implementing stringent data protection laws and ensuring alignment with international standards will enhance the region’s ability to manage and mitigate the impacts of data breaches. Regulatory compliance not only protects sensitive information but also builds trust with global partners and investors, fostering economic growth.
Cost of data breaches by industry
Healthcare remains the industry with the highest average data breach cost despite a 10.6 per cent decrease from the previous year, with costs averaging 9.77 million US dollars. Other industries with high breach costs include financial services, industrial, technology, and energy sectors.
The report also noted that breaches involving customer personally identifiable information (PII) were the most common, occurring in 46 per cent of cases, and breaches in the industrial sector saw the most significant cost increase, rising by an average of 830,000 US dollars per breach.
Security staffing shortages exacerbate breach costs
More than half of the organizations studied had severe or high-level staffing shortages, which contributed to higher breach costs. These staffing challenges come at a critical time as organisations race to adopt generative AI technologies, introducing new risks and vulnerabilities.
According to the IBM Institute for Business Value, 51 per cent of business leaders are concerned about unpredictable risks and new security vulnerabilities from AI adoption.
AI and automation accelerate breach detection and response
The report highlighted the increasing adoption of security AI and automation, with 67 per cent of organisations using these technologies—a 10 per cent jump from the previous year. These tools helped organizations detect and contain breaches an average of 98 days faster, reducing the global average data breach lifecycle to a seven-year low of 258 days.
Impact on cybersecurity, eDiscovery, and legal professionals
This report underscores the critical need for robust cybersecurity measures and the adoption of advanced technologies to mitigate data breach risks. Cybersecurity professionals must focus on addressing staffing shortages and enhancing their capabilities with AI and automation.
For eDiscovery and legal professionals, the increasing complexity and costs associated with data breaches highlight the importance of comprehensive data protection strategies and incident response planning. These professionals play a crucial role in navigating the legal and regulatory implications of data breaches, ensuring compliance, and minimising the financial and reputational impacts on their organisations.
Looking forward
The findings from IBM’s 2024 Cost of a Data Breach Report emphasize the urgent need for organisations, especially in emerging Europe, to bolster their cybersecurity measures and invest in advanced technologies to mitigate risks.
As the digital landscape continues to evolve, with increasing complexities and emerging threats, cybersecurity, eDiscovery, and legal professionals must prioritize comprehensive data protection strategies and robust incident response planning.
By addressing staffing shortages, enhancing AI capabilities, and ensuring data visibility, organisations in emerging Europe and beyond can significantly reduce the financial and reputational impacts of data breaches, safeguarding their operations and maintaining customer trust in an increasingly vulnerable digital world.
Read the complete article at IBM Report: Rising Data Breach Costs Highlight Challenges for Cybersecurity and eDiscovery Professionals in Emerging Europe (complexdiscovery.com)
This content has been produced in collaboration with a partner organisation through our Global Visibility Programme. Our programme helps companies boost their digital presence and strengthen the thought leadership of their experts. Find out more here.
Add Comment