IBM Cost of a Data Breach Report: AI + Automation Key to Mitigating Impact
Last week, IBM released its latest Cost of a Data Breach Report, a benchmark study that explores the causes and associated impact of data breaches. This edition, the 19th of the series, analyzed 604 organizations across 17 industries that were impacted by data breaches between March 2023 and February 2024.
As has been the trend since 2021, the average cost of a data breach continues to rise. But for the fifth straight year, researchers found that the use of AI and automation solutions substantially reduced not only the time needed to identify and contain a breach but also its resulting damage. In some instances, applying these technologies lowered breach costs by an average of $2.2 million.
Read on for more key takeaways from the 2024 report.
Average Cost of a Data Breach Continues Upward Trend
Over the last decade, the cost of a data breach has risen by an average of 3% each year. In 2024, the average cost of a data breach surged to $4.88 million, up from $4.45 million the prior year. This represents a nearly 10% increase—the largest growth since 2021.
Contributing to the overall rise in breach costs were increases in expenses related to business disruption and post-breach customer support and remediation, which grew by nearly 11% over the previous year. These costs can vary widely depending on the scope and severity of the breach, but considering that 70% of organizations in this year’s study reported experiencing a “significant” or “very significant” disruption to business resulting from a breach, it’s safe to assume the associated expenses were substantial.
Business disruption costs generally refer to revenue lost due to system downtime, missed business opportunities, customer attrition, reduced employee productivity, and reputation damage. Post-breach response costs include legal fees and regulatory fines as well as expenditures related to notifying customers, providing credit monitoring services, setting up support centers, implementing security upgrades, and recovering compromised data.
Combined, these costs totaled $2.8 million—the highest amount for lost business and post-breach activities in the past six years.
Employee-Focused Attacks the Most Common and the Most Costly
For the second consecutive year, phishing and stolen or compromised credentials were the most prevalent attack vectors, accounting for 15% and 16% of all breaches, respectively. These also had the second and third highest financial impact, with the average cost of a phishing-related breach at $4.88 million and a breach involving compromised credentials at $4.81 million.
Additionally, although business email compromise (BEC) was the fifth most common attack vector, it tied with phishing as the second most costly—emphasizing the considerable damage a single successful BEC attack can inflict.
Breaches involving stolen or compromised credentials also took the longest to identify and contain, lasting an average of 292 days. Similarly, the mean response time for breaches resulting from a phishing attack was 261 days, while breaches stemming from social engineering took an average of 257 days to resolve.
Part of what makes it difficult to detect attacks that target employees and focus on exploiting end-user access is that businesses must distinguish between legitimate and malicious user activity. And, unfortunately for enterprises, modern threat actors are remarkably skilled at blending in and covering their tracks.
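To make the detection challenge above concrete, here is an added example (not from the IBM report and not Abnormal's product code) of the kind of baseline comparison a security team uses to separate routine sign-ins from credential misuse. It builds a per-user baseline of countries, networks, and login hours from a training window of successful logins, then flags later logins that deviate in several ways at once. The log format, the user, the ASNs, and every event are constructed for the example; the minimum-signals threshold shows the tradeoff between catching an attacker who blends in and paging on an employee who simply works late.

```python
from collections import Counter
from datetime import datetime

# Constructed sample login events (hypothetical format): timestamp, user, source country, source ASN, result.
SAMPLE_LOGINS = [
    "2024-05-06T09:02:11Z alice US AS7922 success",
    "2024-05-07T08:47:30Z alice US AS7922 success",
    "2024-05-08T09:15:05Z alice US AS7922 success",
    "2024-05-09T10:01:44Z alice US AS7922 success",
    "2024-05-10T08:58:19Z alice US AS7922 success",
    "2024-05-13T09:20:02Z alice US AS7922 success",
    "2024-05-14T03:12:47Z alice RO AS9009 success",   # off-hours, new country, new network
    "2024-05-14T09:05:33Z alice US AS7922 success",   # ordinary workday login
    "2024-05-15T18:40:12Z alice US AS7922 success",   # late login only: one weak signal
]


def parse_login(line):
    """Parse one space-separated log line into a dict with a naive datetime."""
    ts, user, country, asn, result = line.split()
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
        "user": user,
        "country": country,
        "asn": asn,
        "result": result,
    }


def build_baseline(events):
    """Summarise what 'normal' looks like for one user from a window of successful logins."""
    return {
        "countries": {e["country"] for e in events},
        "asns": {e["asn"] for e in events},
        "hours": Counter(e["ts"].hour for e in events),
    }


def deviations(event, baseline):
    """Return the list of ways a login differs from the user's baseline."""
    reasons = []
    if event["country"] not in baseline["countries"]:
        reasons.append("new country")
    if event["asn"] not in baseline["asns"]:
        reasons.append("new network")
    if event["ts"].hour not in baseline["hours"]:
        reasons.append("unusual hour")
    return reasons


def find_suspicious_logins(lines, user, baseline_size=6, min_signals=2):
    """Build a baseline from the first `baseline_size` successful logins, then score the rest.

    A login is reported only when at least `min_signals` deviations coincide, so a single
    unusual attribute (a late night, a new coffee-shop network) does not page anyone on its own.
    Returns a list of (timestamp, reasons) tuples.
    """
    events = [e for e in map(parse_login, lines) if e["user"] == user and e["result"] == "success"]
    events.sort(key=lambda e: e["ts"])
    baseline = build_baseline(events[:baseline_size])
    findings = []
    for event in events[baseline_size:]:
        reasons = deviations(event, baseline)
        if len(reasons) >= min_signals:
            findings.append((event["ts"].isoformat(), reasons))
    return findings


if __name__ == "__main__":
    for ts, reasons in find_suspicious_logins(SAMPLE_LOGINS, "alice"):
        print(f"{ts}: {', '.join(reasons)}")
```

With the default threshold of two coinciding signals, only the 03:12 login from a new country and network is reported; lowering `min_signals` to 1 also surfaces the 18:40 login, which is the kind of benign deviation that drives alert fatigue in real environments.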
AI and Automation Minimize Breach Impact Substantially
One of the most significant findings in the 2024 Cost of a Data Breach Report was the benefit of deploying AI and automation across what IBM defines as the four areas of security operations: prevention, detection, investigation, and response.
The average cost of a data breach for an organization not using AI and automation was $5.72 million. In contrast, companies extensively using these technologies had average costs of $3.84 million—a savings of $1.88 million.
Further, companies utilizing AI and automation identified and contained breaches, on average, nearly 100 days faster than those that hadn’t implemented these technologies.
In short, organizations that have yet to incorporate AI and automation into their security workflows can expect not only longer detection and containment times for data breaches but also higher breach costs compared to those that are already leveraging these solutions.
Long Road to Data Breach Recovery
Even after containment, recovery from a data breach is a long and often arduous process. IBM defines a business as being “recovered” once the following criteria are met:
Business operations are back to normal in affected areas.
Compliance obligations, such as paying fines, have been met.
Customer confidence and employee trust have been restored.
Controls, technologies, and expertise have been put in place to prevent future breaches.
Only 12% of organizations surveyed reported full recovery from their breaches; the majority are still in the recovery phase. Among those that had fully recovered, 78% said it took longer than 100 days, and over one-third claimed they required more than 150 days to recover.
Researchers also evaluated 28 contributing factors to determine their influence on the average breach cost.
They examined the impact of each in isolation against the global average and found that employee training and the use of AI and machine learning insights minimized the costs of a data breach the most. On average, employee training reduced breach costs by $258,629, and AI/machine learning insights saved organizations $258,538.
Protecting Your Organization From Data Breaches
Following a data breach, one of the most common mitigation strategies is to increase security investments—as was the case for 63% of the organizations surveyed for this report. Among the organizations that intend to increase their security investments, more than half reported plans to invest in threat detection and response technologies.
An AI-native security solution protects your organization from threat actors who target your employees with phishing, business email compromise, and social engineering attacks. While cybercriminals are always looking for new ways in, email remains the most common entry point due to its ease of access and lack of robust security protocols. To combat this risk, you need an advanced email security solution that goes beyond traditional tools and minimizes the risk posed by your biggest vulnerability: humans.
Download How to Protect Against the Human Vulnerability: Using AI to Prevent Novel Socially-Engineered Attacks to discover how Abnormal's AI-powered solution protects your organization from advanced attacks.