Estimated reading time: 1 minute, 16 seconds

Data Breach Costs Soar, But Companies Don’t Want to Spend: IBM  

Despite skyrocketing price tags for data breaches, many organizations remain unwilling to increase their spending on cybersecurity. That’s one of the key findings of a new study from IBM Security.

IBMAccording to the 2023 Cost of a Data Breach Report, the cost of a data breach averages $4.45 million globally this year. That’s up 15% over the last three years and marks the highest ever in the 18 years that IBM has been publishing the report. The increase reflects a move toward more complex breach investigations. Detection and escalation costs are up 42% over the last three years.

But it appears that companies would prefer their customers pay for the extra expenses. Among studied organizations that suffered a breach, 57% indicated they would pass incident costs onto consumers, compared with 51% that planned to increase security investments.

The report also identifies a beneficial role for AI and automation. Organizations that extensively used both AI and automation saw data breach lifecycles of 214 days, compared with 322 days among studied organizations that did not use those tools.

Calling the police also appears to be a fruitful move. Ransomware victims in the study saved an average $470,000 in breach costs when they involved law enforcement.

Detecting a breach still seems frustratingly difficult. An organization’s own security team detected only one-third of the studied breaches, but their costs were lower than for the 27% of breaches that were revealed by the threat actor.

IBM’s report draws on responses from 553 organizations worldwide from March 2022 to March 2023. The research was conducted by the Ponemon Institute.

 

Read 4332 times
Rate this item
(0 votes)

Visit other PMG Sites:

PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.