Cybersecurity company IBM Security’s ‘Cost of a Data Breach 2023′ report showed that the average total cost of a data breach for South African organisations increased by 8% over the past three years, reaching R49.45-million this year, which is an all-time high. The average cost of a data breach has also increased by 73% since the report series started studying South Africa’s data eight years ago. The average total cost of data breaches per record reached an all-time high at R2 750, which is a 20% increase from R2 300 in 2021, said IBM South Africa GM and technology leader Ria Pinto. The financial sector experienced the highest average total costs of data breaches at R73.1-million. The industrial sector saw average total costs of data breaches at R71.37-million and the services sector reached R58.78-million.
The majority of cyberthreats were the results of stolen or compromised credentials constituting 14% of the initial attack vectors and phishing scams constituting 14% of the initial attack vectors. Attacks through compromised business emails were second at 12%, and attacks owing to cloud misconfiguration were third at 11%, she highlighted. Further, detection and escalation costs reached R20.88-million, which is the highest portion of breach costs and indicates a shift towards more complex breach investigations. This was followed by costs associated with lost business at R13.56-million, post-breach responses at R13.29-million and notifying relevant stakeholders at R1.72-million. Globally, the study also found that 95% of studied organisations, including South African organisations, have experienced more than one breach. Further, breached organisations were more likely to pass incident costs on to consumers (57%) than to increase security investments (51%). More than 51% of data breaches studied resulted in data loss across multiple environments, including public cloud, private cloud and on-premises, showing that attackers could compromise multiple environments while avoiding detection.
Data breaches impacting multiple environments also led to higher costs, of R51.49-million on average. Additionally, organisations across all industries that had a high-level incident response (IR) team saw the average cost of a data breach of R2.96-million and those that had a robust IR plan with regular testing in place saw the average cost of a data breach of R2.92-million, which are lower than those studied with a low level or no use of an IR approach. “The financial sector is the most targeted. Organisations should look to modernise their perimeter security strategies to enhance protection of their financial data by using zero-trust security solutions, underpinned by artificial intelligence (AI) and automation, to increase their cyber resiliency, manage the risks and comply with strict data privacy policies such as the Protection of Personal Information Act,” she advised. Further, AI and automation had the biggest impact on speed of breach identification and containment for studied organisations. In South Africa, organisations with extensive use of both AI and automation experienced a data breach lifecycle that was 95 days shorter compared to studied organizations that did not deploy these technologies, or 190 days using AI and automation versus 285 days without, and only 28% of studied organisations have extensively implemented security AI and automation. “Organisations in the report that deployed security AI and automation extensively saw, on average, nearly R10.49-million lower data breach costs than organisations that did not deploy these technologies, which is the biggest cost saver identified in the report. Further, with nearly 29% of organisations not yet deploying security AI and automation and 43% using them sparingly, most organisations still have a considerable opportunity to boost detection and response speeds,” Pinto noted. “Time is the new currency in cybersecurity, both for the defenders and the attackers. As the report shows, early detection and fast response can significantly reduce the impact of a breach,” said IBM Security services worldwide GM Chris McCurdy. “Security teams must focus on where adversaries are the most successful and concentrate their efforts on stopping them before they achieve their goals.
Investments in threat detection and response approaches that accelerate defenders’ speed and efficiency, such as AI and automation, are crucial to shifting this balance,” he emphasised. Security teams can benefit from having security AI and automation embedded throughout their tool sets. For example, using security AI and automation across threat detection and response tools can help analysts detect new threats more accurately and contextualize and triage security alerts more effectively. These technologies can also automate portions of the threat investigation process or recommend actions to speed response. Additionally, AI-driven data security and identity solutions can help drive a proactive security posture by identifying high-risk transactions, protecting them with minimal user friction and stitching together suspicious behaviours more effectively, said McCurdy
Article By: engineeringnews.co.za Image via: unsplash.com