IBM data breach cost report uncovers invisible ‘cyber tax’
Join executives from July 26-28 for Transform’s AI & Edge Week. Hear top leaders discuss topics around AL/ML technology, conversational AI, IVA, NLP, Edge, etc. Book your free pass now!
When it comes to operational challenges, few mistakes are as costly as a data breach. Just one exploited vulnerability can result in millions of damages, not just due to pre-existing disruption, but loss of respect for consumers and potential compliance responsibilities.
Unfortunately, the cost of a data breach is only increasing. Today, IBM Security released its annual report “Cost of a Data Breach” conducted by the Ponemon Institute, which shows the total cost of a data breach in 2022 at $4.35 million, an increase of 2 .6% from last year’s total of $4.24 million.
The study also found that organizations that fall victim to cyberattacks are prime targets for further attacks as part of the “obsession effect,” with 83% of the organizations studied. there has been more than one data breach.
For businesses, the report highlights the need for new approaches to mitigate the impact of a data breach, especially in the face of an increasing number of sophisticated attacks. , which is not always preventable.
The hostile reality of the threat landscape
As the cost of a data breach continues to rise amid rampant double and triple blackmail ransomware attacks and identity breaches, it is increasingly clear that traditional approaches to enterprise security need to be reevaluated.
Just last week, T Mobile and Twitter the first discovered the cost of a data breach with the first agreeing to pay customers $350 million as part of a post-breach settlement and the second having to deal with the negative consequences after a hacker claimed to have accessed the data of 5.4 million users.
With the impact of such breaches causing millions of dollars in damages, many organizations make the decision to pass the costs on to consumers, as part of an invisible cyber tax. In fact, IBM found that for 60% of organizations, breaches that lead to price increases are passed on to customers.
John Hendley, Head of Strategy, IBM Security X-Force, said: “What was most striking about this year’s findings was that the financial impact of breaches now extends well beyond the organizations themselves. violate.
“Costs are coming down for consumers. In fact, if you consider that two or three companies in a supply chain could have been breached and raised prices, this exponential effect will eventually hit consumers’ pockets. Essentially, we are now starting to see a hidden “cyber tax” that individuals are paying due to the increasing number of breaches occurring today along with the more obvious disruptive effects of attacks. network,” says Hendley.
When asked why the cost of data breaches continues to rise, Hendley explained that there is a large amount of attacks happening, but only a limited number of skills. security expert ready to answer them.
This is highlighted in research with 62% of organizations saying they don’t have enough staff to meet their security needs.
What are the implications for CISO and security leaders?
While the report highlights the bleakest of the current threat landscape, it also points to some promising technologies and methodologies that businesses can use to reduce costs from breaches. data.
For example, one of the most promising findings is that organizations have fully implemented Security AI and automation can pay $3.05 million less in a data breach, and cut the time it takes to identify and prevent a breach by 74 days on average.
At the same time, non-compliance organizations can expect to pay $1 million less in breach costs than non-compliancers.
Ultimately, those organizations that maintain an incident response team and regularly audited IR plans can hope to cut costs by $2.66 million.
VentureBeat’s mission is a digital city square for technical decision-makers to gain knowledge of transformative enterprise technology and transactions. Learn more about membership.