Data Breach Costs Rapidly Increase After Ransomware Payment – Technologist

Ransomware Payments Reach Record Highs Amid Rising Data Breach Costs

Data Breach Costs Increase in the UK

The average cost of a data breach in the UK surged to £3.58 million from March 2023 to February 2024, marking a 5% increase compared to the previous year. This rise reverses a previous downward trend, with the financial services sector experiencing the most costly breaches, followed by the professional services and technology industries, averaging over £5.4 million.

Impact of Data Breaches

According to the 19th annual IBM Cost of a Data Breach report, the escalating costs are mainly due to lost business and post-breach response expenses. For the 12% of companies that manage to recover, recovering from breaches now takes over 100 days.

Additional Factors Contributing to Higher Costs

Additional factors contributing to higher breach costs include fines for regulatory non-compliance, impacts on Internet of Things (IoT) or operational technology (OT) systems, and disruptions to supply chains.

Record Ransom Payment

The report coincides with Zscaler’s ThreatLabz unit’s revelation of a record $75 million (£58.5 million) ransom paid by an unidentified victim to the Dark Angels ransomware group. This record payment is expected to encourage similar tactics from other cyber criminal groups, driving up costs further.

Leading Causes of Data Breach Costs Increasing

The IBM report also noted that stolen or compromised credentials were the leading cause of breaches, averaging £4.27 million per incident. Phishing and business email compromise followed, with breaches caused by malicious insiders being the most expensive at £4.36 million.

Challenges with Multi-Environment Data Storage

Data breaches arising from visibility gaps in multi-environment data storage were particularly costly, averaging £3.5 million and taking over 250 days to address. If a vulnerability is spotted, business owners and decision-makers are urged instantly to start making changes to address it. Having data in many different places of a business is not ideal for those in charge of protecting cyber security.

Global Security Staffing Shortages

Globally, over half of the organisations surveyed in the report faced severe security staffing shortages, resulting in additional costs exceeding £1.37 million ($1.75 million). However, managed cyber security providers should be able to assist business owners with their cyber security shortfalls by offering services that help to protect data and teach employees about the benefits of cyber security.

Benefits of AI-Powered Security Measures

IBM’s findings suggest that AI-powered security measures can significantly reduce breach costs. Organisations utilising AI and automation detected and contained incidents 106 days faster on average and incurred £1.06 million less in fees than those without such technologies.

Recommendations for Security Investments After Data Breach Costs Soar

The IBM 2024 Cost of a Data Breach report underscores the critical need for robust network and data security investments, particularly in AI-driven prevention and automation. It emphasises the importance of addressing new vulnerabilities and prioritising security staffing and training, especially as businesses adopt generative AI technologies. These measures are essential for better protecting data and mitigating the impacts of breaches.