IBM’s annual Cost of Data Brach Report for 2024 highlights two major developments:
- The global average costs of data breaches have increased 10% from 2023 – reaching $4.88 million (USD)
- The research found that applying Artificial Intelligence/Machine Learning (AI/ML) automation to defender side was able to lower data breach costs an average of $2.2 million (USD).
Automation is reducing the time needed to to identify and contain a breach and limiting the damage caused.
Disruption to business and post-breach customer remediation drove the increase over 2023. When businesses were asked how they were managing the increase in costs more than 50% mentioned that they are passing them on to customers.
35% of data breaches involve shadow data (shadow data: data stored in unmanaged sources) | $4.99 million USD average cost of insider malicious attack. |
46% of data breaches involve customer PII (personal identifiable information). 43% of data breaches involved IP (intellectual property). | $1 million USD in cost savings when law enforcement is involved in ransomware attacks. Involving law enforcement shortened the time to identify and contain breaches from 297 days to 281 days. |
292 days to identify and contain breaches involving stolen credentials. Phishing attacks lasted an average 261 days while social engineering attacks took an average of 257 days. | $830,000 USD average cost increase in the industrial sector per breach compared to 2023. Even with the industrial sector preparing for more rapid response the time identify and contain a data breach was 191 days compared to the industry median of 71 days. |