IBM released its annual Cost of a Data Breach Report revealing the average cost of data breaches in 2024 has hit a record high of $4.88 million, up 10% from 2023 as breaches grow more disruptive and further expand demands on cyber teams.
The new research, conducted independently by Ponemon Institute and analyzed by IBM, studied 604 breached organizations from 16 countries and regions and across 17 industries between March 2023 and February 2024. It also included interviews with 3,556 security and business professionals from the breached organizations.
One bright note: the researchers found that organizations that extensively use AI and automation across prevention workflows saved $2.2 million on average data breach cost over organizations that aren’t using those technologies.
In the U.S., the average data breach cost declined – from $9.48 million in 2023 to $9.36 million in 2024 – yet remains the highest in the world, followed by the Middle East region, which saw the average breach cost increase from $8.07 million to $8.75 million. If current trends continue, the Middle East could overtake the top spot from the U.S. as early as 2025.
Mega breaches – defined as a million or more records compromised – were excluded from the calculations because of their huge cost, starting at around $42 million per breach.
Below are those takeaways and several others from the Cost of a Data Breach Report 2024.
Healthcare, Breach Containment Time Improve
Among industries, healthcare took the top spot again, even as the cost per breach dropped substantially, from $10.93 million to $9.77 million. Financial firms were a distant second at $6.08 million, up slightly over 2023.
The average time to identify and contain a breach fell to a seven-year low of 258 days. Breaches involving compromised credentials and malicious insiders took even longer to contain.
The most common initial attack vectors were:
- Stolen or compromised credentials (16%)
- Phishing (15%)
- Cloud misconfiguration (12%)
- Unknown zero-day vulnerability (11%)
- Business email compromise (10%)
- Malicious insider (7%)
Social engineering, known unpatched vulnerabilities, accidental data loss and stolen devices, physical security compromise, and system errors all came in at around 6% each.
Factors Contributing to Data Breach Cost
Factors contributing to higher breach costs included understaffed security teams, shadow data, and data spread across multiple environments.
AI tools, along with detection by internal tools and teams (as opposed to hearing about the breach from third parties or the attackers themselves), were positive factors. Bringing in law enforcement in ransomware cases saved nearly $1 million per incident, and 63% of ransomware victims who involved law enforcement were able to avoid paying a ransom.
Interestingly, any investment in AI and automation saved on breach costs.
Also noteworthy, the IBM report includes an extensive look at the security tools and factors that decreased breach costs, in descending order:
Key factors that increased costs
The top three factors that amplified breach costs in this analysis were security system complexity, the security skills shortage, and third-party breaches, which can include supply chain breaches.
Data Breach Recovery Takes Time
Only 12% of the organizations said they had fully recovered from the breach.
In the context of the study, full recovery from a breach means:
- Business operations back to normal in areas affected by the breach.
- Compliance obligations met, including paying fines.
- Customer confidence and employee trust restored.
- Controls, technologies, and expertise in place to avoid future breaches.
That third point – customer confidence – is the toughest to restore, and a reason to invest in effective cybersecurity controls in the first place.
Source: IBM