The global average cost of a data breach in 2023 was USD 4.45 million. That’s a 15 per cent increase over three years, according to the multi-national IBM in its annual ‘cost of a breach’ report.
The firm found that about half, 51 per cent of organizations are planning to increase security investments as a result of a breach, including incident response (IR) planning and testing, employee training, and threat detection and response tools.
Visit https://www.ibm.com/reports/data-breach. On an August 1 webinar you can hear at 4pm London time from John Hendley, Head of Strategy, IBM X-Force; and Troy Bettencourt, Global Head of IBM X-Force Incident Response; hosted by Sarah Dudley, of IBM X-Force Product Marketing.
As for AI, the company found that a minority, 28pc of organizations used security AI extensively, which can reduce costs and speed up containment of a cyber breach.
Comments
Andy Roberson, Head of Enterprise and Cybersecurity Business, Fujitsu UK and Ireland, said: “Utilising AI isn’t just a cost-effective move to cut through the cyber security noise, it’s pragmatic too. We’re increasingly seeing AI being used by bad actors as a way to generate mass phishing emails and polymorphic malwares at speed – it’s time we fight fire with fire.
“Cybercriminals are increasingly adopting AI-driven tactics and security departments need to do the same, as it allows them to act faster and better predict potential vulnerabilities and attacks. Prevention is better than addressing breaches as they happen, and using AI levels the playing field for organisations.
“However, integrating any new technology – AI included – must be done in a considered way. The shiny promises of new tech may glitter with potential, but understanding the specific needs and goals of one’s enterprise is essential. It’s important to first consider two fundamental questions: what tools do we currently possess and what precisely are our objectives. Countless technologies come armed with the promise that they deliver the moon and the stars, but that simply isn’t the case. Conversations need to take place at a board level about an organisation’s ability to effectively leverage new security tools, or else they run the risk of spending time and money on an innovation they don’t have the capacity to use properly.”
And Steve Bradford, Senior Vice President, EMEA, at the cyber firm SailPoint, said: “Organisations must ensure they integrate cyber resilience at the core of their business models. And, as today’s new research highlights, the right technology can really help.
“AI-enabled identity security, for example, is key in allowing organisations to see, manage, control, and secure all variations of identity, knowing who has access to what, and why across their entire network. This means organisations can improve the detection of suspicious behaviour and trigger quicker and more impactful responses.
“Defences like this are crucial to reducing the risk of breaches and should be a key consideration in every organisation’s cybersecurity risk management strategy.”
