IBM Report Urgently Calls for AI Use to Thwart Data Breaches
Soaring data breaches are contributing to greater disruption for businesses worldwide.
According to the Cost of a Data Breach Report by IBM, costs are at record levels, reaching £3.58m (US$4.8m) in 2024 across the UK alone. While breach costs decreased in 2023, the report by IBM shows a 5% increase in 2024 compared to the previous year.
As these breaches grow more intense, intensified pressure is placed on the teams trying to keep business data safe. This is particularly the case for financial services participants who experienced the most expensive breaches, followed closely by professional services and technology sectors.
In fact, more than half of organisations suffered a cyberattack that prevented access to data in 2023. This scale highlighted the ongoing need for bolstered enterprise cybersecurity.
According to IBM’s report, stolen credentials and phishing emerged as the two most prevalent initial attack vendors and represented 27% of breaches in the UK.
Breach disruption causing chaos for businesses
The collateral damage from data breaches has only intensified, according to IBM, increasing both costs and consequences for businesses around the world. Globally, recovery from this type of breach took more than 100 days for roughly 12% of breached organisations that were able to fully recover.
- Non-compliance with regulations (£287K/US$368K)
- IoT/OT environment impact (£246K/US$315K)
- Supply chain breaches (£241K/US$309K)
Significantly, more than half of the organisations studied globally by IBM also had severe or high-level staffing shortages in 2023. These businesses also experienced an average of US$1.76m in higher breach costs. IBM also found that 51% of business leaders were concerned with unpredictable risks and new security vulnerabilities arising, alongside 47% concerned with new attacks targeting AI systems.
“In a landscape marked by increasing cyber threats, this year’s report highlights critical vulnerabilities and strategic opportunities,” says Martin Borrett, Technical Director at IBM Security UKI. “Worldwide, organisations with severe security staffing shortages were affected by a substantial rise in breach costs.”
Businesses worldwide are certainly facing the pressure, citing that they are planning to increase security budgets compared to last year (63% vs. 51%) to combat rising staffing challenges. Employee training also emerged as a top area for investment, with organisations suggesting they will be investing in incident response planning and testing, threat detection and response technologies, identity and access management and data security protection tools.
Globally, 42% of breaches were detected by an organisation’s own security team or tools compared to 33% in 2023. Likewise, the report found that companies that engaged with law enforcement in the wake of a ransomware attack saved on average nearly US$1m in breach costs compared with those who didn’t.
AI as a saving grace
This news comes at a pivotal time when organisations are racing to adopt generative AI (Gen AI) technologies, which are expected to introduce new risks for security teams.
Gen AI has emerged as a powerful tool for businesses that can stand to revolutionise industries worldwide. Organisations are increasingly recognising the value of Gen AI in driving operational efficiency and innovation, with its capabilities able to improve processes and expand opportunities.
In security, AI and automation can be effective in supporting efforts to identify and accelerate incident response, leading to reduced breach expenses and overall impact as a result. However, in order to use it successfully within the cybersecurity landscape, businesses are advised to ensure their strategies are stronger than ever.
“Robust, AI-driven security measures are essential, and addressing regulatory non-compliance and IoT vulnerabilities remains crucial,” Martin Borrett explains.
According to IBM’s report, the use of AI and automation was able to cut breach costs by £1.06m (US$1.36m).
Likewise, 71% of organisations studied in the UK are now deploying security AI and automation across their security operation centre (SOC), which is a near 13% jump from the prior year. Globally, 20% stated they used some form of Gen AI security tools.
As a result, UK organisations that harnessed AI extensively detected and contained an incident, on average, 106 days faster than organisations not using these technologies.
“As organisations continue to adopt Gen AI technologies, addressing the new security vulnerabilities that come with them and prioritising investments in security staffing and training is crucial,” highlights Matthew Evans, Chief Operating Officer and Director of Markets at techUK.
“By enhancing security measures and leveraging advanced technologies, businesses can better protect their data and mitigate the far-reaching impacts of breaches.”
******
Make sure you check out the latest edition of Technology Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
******
Technology Magazine is a BizClik brand
- LogicMonitor: How AI in ITOps is Impacting The Tech SectorAI & Machine Learning
- Tech Mahindra & ServiceNow: AI Enterprise SolutionsEnterprise IT
- NetApp: AI's Impact on Investment, Security & SustainabilityAI & Machine Learning
- How Workday is Using AI to Drive Better Employee ExperiencesData & Data Analytics