IBM Report: Escalating Data Breach Disruption Pushes Costs to New Highs

IBM (NYSE: IBM) released its annual Cost of a Data Breach Report revealing the global average cost of a data breach reached $4.88 million in 2024, as breaches grow more disruptive and further expand demands on cyber teams. Breach costs increased 10% from the prior year, the largest yearly jump since the pandemic, as 70% of breached organizations reported that the breach caused significant or very significant disruption.

Lost business and post-breach customer and third-party response costs drove the year-over-year cost spike, as the collateral damage from data breaches has only intensified. The disruptive effects data breaches are having on businesses are not only driving up costs, but are also extending the after-effect of a breach, with recovery taking more than 100 days for most of the small number (12%) of breached organizations that were able to fully recover.

The 2024 Cost of a Data Breach Report is based on an in-depth analysis of real-world data breaches experienced by 604 organizations globally between March 2023 and February 2024. The research, conducted by Ponemon Institute, and sponsored and analyzed by IBM, has been published for 19 consecutive years and has studied the breaches of more than 6,000 organizations, becoming an industry benchmark.

Some key findings in the 2024 IBM report include:

• Understaffed Security Teams – More organizations faced severe staffing shortages compared to the prior year (26% increase) and observed an average of $1.76 million in higher breach costs than those with low level or no security staffing issues.
• AI-Powered Prevention Pays Off – Two out of three organizations studied are deploying security AI and automation across their security operation center (SOC). When these technologies were used extensively across prevention workflows organizations incurred an average $2.2 million less in breach costs, compared to those with no use in these workflows – the largest cost savings revealed in the 2024 report.
• Data Visibility Gaps – Forty percent of breaches involved data stored across multiple environments including public cloud, private cloud, and on-prem. These breaches cost more than $5 million on average and took the longest to identify and contain (283 days).
  

Hacking the clock with AI
The report found that 67% of organizations deployed security AI and automation – a near 10% jump from the prior year – and 20% stated they used some form of gen AI security tools. Organizations that employed security AI and automation extensively detected and contained an incident, on average, 98 days faster than organizations not using these technologies. At the same time, the global average data breach lifecycle hit a 7-year low of 258 days – down from 277 days the prior year and revealing that these technologies may be helping put time back on defenders' side by improving threat mitigation and remediation activities.

• Download a copy of the 2024 Cost of a Data Breach Report.
• Read more about the report's top findings in this IBM Security Intelligence blog.

For any questions or requests contact your IBM Representative today.