IBM has released its annual ‘Cost of a data breach report’ revealing the average cost of a data breach in South Africa reached R53,10 million in 2024.
Breaches are becoming more disruptive and further expanding demands on cyber teams. Globally, 70% of breached organisations reported that the breach caused significant or very significant disruption.
Lost business and post-breach customer and third-party response costs were behind the year-on-year cost spike worldwide as collateral damage from data breaches intensified. The disruptive effects of data breaches on businesses are not only driving up costs but also extending the after-effects of a breach. Globally, for most of the small number (12%) of breached organisations that fully recovered, recovery took more than 100 days.
The report is based on in-depth analysis of real-world data breaches experienced by 604 organisations globally between March 2023 and February 2024. The research, conducted by Ponemon Institute and sponsored and analysed by IBM, has been published for 19 consecutive years and has studied the breaches of more than 6 000 organisations. It is an industry benchmark.
Some key findings in the 2024 report on South Africa include:
- AI-powered security pays off – 78% of organisations studied are deploying AI and automation across their security operations centres (an almost 10% jump from the prior year). When these technologies are used extensively, organisations reduce breach costs by an average of R19 million compared to those without security AI and automation deployments.
- Hacking the clock with AI – Organisations using security AI and automation extensively detect and contain an incident, on average, 88 days faster than companies not using these technologies.
- Stolen credentials top initial attack vectors – At 17%, stolen or compromised credentials are the most common initial attack vector, representing an average cost of R56 million per breach, followed by phishing at 12% of cases (R56,31 million). Business email compromise is the most expensive entry point (R63 million) at 10% of breaches studied.
- Data visibility gaps – 49% of breaches involve data stored across multiple environments, including public and private cloud and on premises. These breaches are also the most expensive, at R59 million on average, and take the longest to identify and contain (263 days).
- Industries impacted – Financial services experience the costliest breaches across industries, with average costs reaching R75,31 million, followed by the industrial sector (R67,26 million) and hospitality (R61,76 million).
- Data breach lifecycle – Surveyed organisations need an average of 227 days to identify and contain incidents, which is 31 days below the global average for the data breach lifecycle of 258 days.
- Key factors increase costs – The top three factors that amplify breach costs are security system complexity, security skills shortage and non-compliance with regulations.
“South African organisations are facing cyber threats and data breaches at an exponential rate, and this highlights the urgent need for robust cybersecurity measures. As the complexity and frequency of these threats continue to grow, deploying AI-driven security solutions becomes crucial in safeguarding our national digital infrastructure,” says Ria Pinto, general manager and technology leader at IBM South Africa. “AI-driven security solutions can support the detection and mitigation of risks more efficiently. They are also critical in fortifying the defences of our organisations to help ensure business resilience and empower organisations to navigate the evolving cyber landscape securely and confidently.”
Security staffing shortages drive breach costs
More than half of the organisations studied globally had severe or high-level staffing shortages last year and experienced significantly higher breach costs as a result. This comes at a time when organisations are racing to adopt GenAI technologies, which are expected to introduce new risks for security teams.
According to a study by the IBM Institute for Business Value, 51% of business leaders surveyed are concerned about unpredictable risks and new security vulnerabilities arising, and 47% about new attacks targeting AI.
Mounting staffing challenges may soon be resolved as more organisations worldwide implement plans to increase security budgets compared to last year (63% versus 51%). Employee training is emerging as a top planned investment area. Globally, organisations are also planning to invest in incident response planning and testing, threat detection and response technologies (such as SIEM, SOAR and EDR), identity and access management and data security protection tools.
Other key global findings in the report include:
- Increased internal detection – 42% of breaches were detected by an organisation’s own security team or tools compared to 33% in the prior year. Internal detection shortened the data breach lifecycle by 61 days and saved organisations nearly US$1 million in breach costs compared to those disclosed by an attacker.
- Fewer ransoms paid when law enforcement is engaged – By bringing in law enforcement, ransomware victims saved on average nearly US$1 million in breach costs compared to those who didn’t. Most ransomware victims (63%) who involved law enforcement were also able to avoid paying a ransom.
- Breach costs passed to consumers – 63% of organisations worldwide would increase the cost of goods or services because of the breach – a slight increase from last year (57%) – marking the third consecutive year that most studied organisations stated they would take this action.
Download a copy of the ‘2024 Cost of a data breach report’. You can also sign up for the webinar on Tuesday, August 13, 2024, at 17:00 SAST.