Data Breach Risks and Response: What to know in 2024

Recently, The Ponemon Institute released the 2023 Cost of a Data Breach Report (sponsored by IBM Security®), an annual study (now in its 18th year) that takes an in-depth look at the data behind data breaches. In seventy-eight pages, this report gets deep into the numbers, risk factors, costs, and demographics to extract current trends and make educated suggestions on best practices for enterprises looking to minimize their data breach risks (and who isn’t?). The report reviewed 553 breaches worldwide from March 2022 to March 2023.

There’s a lot to wade through in this report and it’s easy to get lost in the weeds. Lucky for you, we’ve done the wading and weeding already to pull out what we think are the essential takeaways and actionable recommendations.

Data Breach Costs Are Rising (Again)

In what has become a yearly thing, data breach costs continued to rise steadily in 2023. In fact, the average cost of a data breach worldwide reached $4.45 million in 2023, a number that is both an all-time high and 15% higher than the same costs in 2020. Make no mistake, data breach costs are rising each year, with no signs of reversal or slowing down.

By far, the healthcare industry is most affected by data breaches, with total costs topping out at just shy of $11 million. This number is almost double the next closest industry, the financial sector, which saw data breach spending reach just under $6 million. Other sectors most targeted include Pharmaceuticals, Energy, Industrial, Technology, Professional Services, and Transportation, with all reporting more than $4 million in data breach expenses last year.

Three key predictors of cost are the data breach lifecycle (how long it takes to identify and contain a breach), the type of breach, and the type of information compromised. The longer the lifecycle, the costlier it tends to be. Ransomware attacks, in which breaches were identified by the attacker, tend to have longer lifecycles and are also more damaging than those breaches found internally through security teams or tools. On average, they are almost 50 days longer and cost almost 20% or about $1 million more.

Highest Risk Factors for Organizations

The report presented an extensive list of risk factors; however, the top four included:

  • security skills shortages
  • high levels of security system complexity
  • regulation noncompliance
  • cloud migrations.

Enterprises looking to decrease data breach risks should prioritize these four areas for analysis; identifying and eliminating any weaknesses could provide significant cost savings.

Continuing trends from the past three years, customer and employee personally identifiable information (PII) were the costliest data to have exposed. This includes critical ID info such as names and social security numbers. Customer PII was the most commonly sought out and was involved in 52% of all breaches. Employee PII, the next most common category, saw significant growth from 21% in 2021 to 40% in 2023. At 34% of all breaches, intellectual property rounded out the mix as the third most common data compromised. No matter the type, length of a breach, or data exposed, these increased expenses are often passed down to the customer, with a majority of businesses (57%) reporting increased prices for services and products after a breach.

Phishing and Ransomware are the most prevalent (and costliest) methods of attack

How are the majority of breaches initiated? By a large margin, there’s a notable pattern of ransomware attacks that begin with phishing and a credential grab. One out of four of these attacks is destructive, rendering systems entirely inoperable. Ransomware was involved in 24% of all data breaches in 2023, while phishing and stolen credentials represented just over 30%. This continues a trend seen in previous years. Interestingly, paying the ransom did not positively affect outcomes and only added to the overall cost of a breach. One effective strategy in dealing with a ransomware attack is to get law enforcement involved early. Doing so shortens the overall data breach lifecycle and decreases costs, saving organizations, on average, about half a million US dollars.

Cloud Data is Most Vulnerable

Data stored in cloud environments, whether public, private, or a hybrid model, proved to be at considerable risk, targeted in 82% of all breaches. This type of data storage environment often correlated with higher costs and longer data breach lifecycles. Public cloud and varied environments were most at risk, accounting for just shy of 70% of all breaches (27% in public cloud, and 39% in multiple types). At the other end of the spectrum, private cloud and on-premises data storage were less exposed, featured in 16% and 18% of breaches respectively.

The Smartest Security and Data Protection Investments Moving Forward

Minimizing (or ideally, eliminating) data breaches is the big picture goal for any business. The stakes couldn’t be higher. Everything is at risk: an organization’s bottom line, reputation, legal exposure due to compliance issues, and overall customer trust.

Since increased costs are associated with longer lifecycles, having centralized internal security systems in place that can respond quickly should be a key consideration. In light of key takeaways from the report, organizations would be wise to focus security resources on decreasing vulnerabilities related to phishing, login credential theft, and ransomware attacks. With cloud storage (and in particular, public cloud) as a well-established security risk, streamlining and securing a business’ cloud ecosystem should also be a priority.

It Starts with AI

AI is crucial for data breach management. Organizations that use AI extensively within their security infrastructure experience a much shorter data breach lifecycle—108 days less on average—than businesses that do not use AI at all. The report cites AI as the most significant cost-saving measure, reducing average data breach costs by nearly USD 1.8 million. Even organizations that have limited use of AI in their security show the benefits and decreased costs.

“Time is the new currency in cybersecurity, both for the defenders and the attackers. As the report shows, early detection and fast response can significantly reduce the impact of a breach,” says Chris McCurdy, General Manager of Worldwide IBM Security Services. “Security teams must focus on where adversaries are the most successful and concentrate their efforts on stopping them before they achieve their goals. Investments in threat detection and response approaches that accelerate defenders’ speed and efficiency – such as AI and automation – are crucial to shifting this balance.”

Sophisticated AI tools are already available. Read more here on how tools like Palo Alto’s Precision AI are incorporating automation, machine learning, and Generative AI into cloud security systems. Each enterprise’s security landscape has unique challenges. It can be overwhelming to sort through all of the manufacturing and support options in the marketplace. This is where Comport’s strength and value lie as a partner. Fundamental to Comport’s process is an analysis and evaluation of an organization’s current security and infrastructure to accurately identify the right AI-based security solution(s) for your needs and goals.

Be Prepared

Data breaches are just one in a seemingly endless list of possible crises a business can face. Similar to any other emergency disaster situation, the better the plan, the better the outcome. The best way to start is to sign up for a security assessment where a team from Comport can analyze an organization’s entire environment, discovering gaps, configuring a zero trust model, advising on and, if required, even managing proper detection and prevention technology. Partner with Comport to put our expertise and experience to work protecting your organization’s most precious asset: its data.
