The average global cost of a data breach now stands at a record $4.45m, up a little over 2% year on year (YoY), according to a new report from IBM.
Now in its 18th year, the tech giant’s annual Cost of a Data Breach Report was compiled by the Ponemon Institute from interviews with 553 organizations worldwide.
It claimed that the main contributor to additional cost this year was detection and escalation activities, which include forensics and investigations, assessment and audit services, crisis management and communication to executives and boards. These costs surged 42% YoY.
Disappointingly, the report noted that breached organizations were more likely to pass incident costs onto consumers (57%) than to increase security investments (51%).
Alongside the global average, the cost of a breach in the US also increased (to $9.48m) and it continues to be the country with the highest breach costs. Healthcare is still the costliest vertical, with costs increasing 8% to $10.93m per breached organization.
However, in many countries and verticals costs actually declined. The countries that experienced a reduction in average breach costs included Canada, Germany, Japan, the UK, France, South Korea, South Africa, Australia, India, Scandinavia and Brazil.
In terms of verticals, financial services, pharmaceuticals, technology, professional services, consumer, education, research, entertainment and retail all saw a decline in breach costs.
As highlighted in the report, the three most impactful ways to reduce breach costs are: use of DevSecOps (which saved $249,278 on the global average figure); employee training (-$232,867); and incident response plans and testing (-$232,008).
Phishing and stolen or compromised credentials were the two most common initial attack vectors and also featured in the top four most expensive access vectors alongside malicious insiders and business email compromise (BEC).
If you would like to know how SOC Automation’s AI-powered automated threat detection platform can help protect your organisation against even the most devastating of attacks, get in touch today.