The IBM Cost of a Data Breach Report 2024, a study conducted in collaboration with the Ponemon Institute, shows the financial and strategic implications of security incidents, including how the healthcare sector is most heavily impacted and the cost of a breach has risen 10% on average.
The cost of data breaches
In 2024, the global average data breach cost rose to $4.88 million, reflecting a 10% increase from $4.45 million the previous year. The increase shows organizations' financial burden when dealing with breaches, pointing to the need for proactive measures to manage these risks.
For the 14th consecutive year, U.S. companies had the highest average data breach costs, with breaches costing an average of $9.36 million in 2023, according to IBM’s annual Cost of a Data Breach Report. The report, based on data from 604 organizations globally, also found that breaches have become more disruptive, with 70% of affected organizations reporting disruptions that were considered severe.
Read more: Study shows the cost of data breaches at an all-time high
Industry-specific impact
The healthcare sector remains the most impacted, with an average breach cost of $9.77 million in 2023. Following healthcare, financial services faced an average breach cost of $6.08 million, industrial sectors at $5.56 million, and technology firms at $5.45 million.
The proliferation of shadow data
A growing concern within these statistics is the presence of shadow data—unknown, hidden, or overlooked copies of sensitive information outside of the organization’s IT security measures. The report notes that over one-third of breaches involved shadow data. With data increasingly stored across multiple environments, tracking and safeguarding this information has become more challenging.
Impact of cybersecurity staffing
Cybersecurity staffing also plays a part in breach costs. More than half of the breached organizations in 2023 faced severe or high-level staffing shortages, a 26.2% increase from 2022. Although some organizations have adopted generative AI security tools to improve productivity and efficiency, the skills gap remains an issue.
Read also: What is cybersecurity in healthcare?
The transformative power of AI and automation
The adoption of AI and automation in cybersecurity has proven beneficial. Organizations that used these technologies saw average cost savings of $2.2 million compared to those that did not. Additionally, breaches were contained an average of 98 days faster with AI-powered security measures. Using innovative technologies can help organizations better manage cyber threats, but organizations must be careful with what technology they use, as not all platforms, software, or systems, are equal.
Strengthening prevention strategies
The report suggested the need for a security-first approach to emerging technologies, particularly in the context of generative AI. Currently, only 24% of gen AI initiatives are secured, posing a risk of exposing sensitive data and potentially undermining the benefits of these technologies.
Kevin Skapinetz, Vice President of Strategy and Product Design for IBM Security said, “Businesses are caught in a continuous cycle of breaches, containment, and fallout response. As generative AI rapidly permeates businesses, expanding the attack surface, these expenses will soon become unsustainable, compelling businesses to reassess security measures and response strategies.”
Enhancing cyber response
The rise in data breach costs is partly due to an 11% increase in lost business and post-breach response costs. Detection and escalation expenses made up the largest share of 2023 costs at $1.63 million, followed by lost business costs at $1.47 million, and post-breach response costs at $1.47 million. Notification expenses averaged $430,000.
Additionally, the time to identify and contain a data breach dropped to a seven-year low of 258 days in 2023. However, recovery from breaches remains a lengthy process, with more than three-quarters of organizations taking over 100 days to recover, and 35% taking over 150 days.
Attack vectors and data compromise
The report also examines the common attack vectors and types of data compromised. Stolen or compromised credentials were the most common initial attack vector, accounting for 16% of breaches, followed by phishing and cloud misconfiguration. Customer personally identifiable information (PII) was the most frequently stolen data, involved in 48% of breaches, though this was a slight decrease from 52% in 2022. Employee PII was compromised in 37% of breaches, while intellectual property was compromised in 43%, reflecting an increase from the previous year.
Related: Common cyberattack vectors
In the news
The latest update from UnitedHealth Group (UHG) reveals that the expenses incurred in response to Change Healthcare's ransomware attack of February 2024 have surged considerably. The current estimated cost ranges between $2.3 billion and $2.45 billion, an increase of over $1 billion from the previous figure reported earlier. Given that UHG has already shelled out almost $2 billion towards dealing with this issue so far, it marks one of their most significant financial challenges yet–largely due to an extended period of disruption caused by prolonged network downtimes across various components within their infrastructure.
The aftermath of the Change Healthcare cyberattack and UnitedHealth's response shows how cybersecurity vulnerabilities in healthcare can have far-reaching consequences.
See more: Change Healthcare ransomware attack projected to cost $2.3 billion
FAQs
What is a data breach?
A data breach occurs when sensitive, protected, or confidential data is accessed, disclosed, or stolen by unauthorized individuals. Data can include personal information such as names, social security numbers, credit card details, and medical records. Breaches can occur through various means, such as hacking, malware attacks, insider threats, or inadequate security measures.
Can legal action result from a data breach?
Yes, legal action can result from a data breach, as affected individuals or organizations may sue for damages caused by the breach.
How can healthcare organizations prevent data breaches?
Healthcare organizations can reduce the risk of data breaches by implementing strong cybersecurity measures, conducting regular security training for employees, and using encryption to protect sensitive data.
What is the role of business associate agreements (BAAs) in preventing data breaches?
BAAs ensure that third-party vendors handling protected health information (PHI) comply with HIPAA regulations, reducing the risk of breaches caused by vendor actions.
What should a healthcare organization do immediately after discovering a data breach?
Upon discovering a data breach, a healthcare organization should contain the incident, assess the scope of the impact, notify affected individuals and relevant authorities, and begin an investigation to understand how the breach occurred and how to prevent future incidents.
Learn more: HIPAA Compliant Email: The Definitive Guide
Farah Amod
