The use of AI and automation in securing data after a cyberattack is helping to reduce the impact and cost of a breach. That is according to a new report from IBM that found a breach would cost UK organisations not using AI an average of £3.4m but that was reduced by £1.6m for those with AI tools.
The annual IBM Security Cost of a Data Breach report examines the impact of cybercrime on companies and methods used in mitigation. It is based on an in-depth analysis of real-world data breaches from more than 550 organisations around the world, occurring between March 2022 and March 2023.
As well as the impact of AI, the report found a long-term increase in the cost of data breaches in the UK, despite a £400,000 year-on-year drop between 2022 and 2023. Last year, the average cost of a breach in the UK was £3.8m, dropping to £3.4m this year but still up 9% since 2020. Globally, the cost of a data breach has increased year-on-year with a 15% rise over three years.
The report, sponsored by IBM Security with research by the Ponemon Institute, found that the cost of a breach was £1.6m less for organisations using AI to enhance security operations than those not using AI. This was in part due to AI’s ability to speed up breach identification and containment.
Researchers found that the average breach life cycle, in organisations using various types of AI toolsets and capabilities, was 108 days shorter than in organisations using more traditional security set-ups. Despite the evidence showing the benefit of AI, IBM Security found that the majority of UK organisations surveyed were not using AI or automation for security. Just 28% were using it widely and 37% were not using it at all.
The study of global breaches also revealed that, in the UK, the highest average cost of a data breach was in the financial services sector at £5.3m, followed by the services sector at £5.2m. Most of the attacks came from stolen or compromised credentials, likely taken during previous breaches or from phishing attacks. The most costly point of entry was malicious insiders, who willingly give cybercriminals easier access to a system. This led to breaches costing an average of £3.9m, compared with a cost of £3.85m for phishing attacks or business email compromise attacks.
Global security investment divide
Globally, the report revealed a security investment divide. Despite the rising cost of attacks and 95% of those surveyed experiencing more than one breach, only 51% plan to increase their security investments.
Getting law enforcement involved seems to be a positive step. The report found that ransomware victims calling the authorities saved $470,000 compared with those not involving law enforcement. Despite the evidence of savings, 37% of ransomware victims revealed they did not involve law enforcement in a ransomware attack.
Only a third of those suffering a cyberattack found out about it as a result of detection by internal security teams. A similar percentage were told about the attack by the attacker and these instances cost $1m more than when the organisation spotted the breach themselves.
Of those breaches studied by the researchers, 40% resulted in the loss of data across multiple environments. This included public cloud, private cloud and on-premises. It shows that, once in the system, attackers could compromise multiple environments while avoiding detection by security professionals. Data breaches that impacted multiple environments also led to higher breach costs.
Martin Borrett, technical director for IBM Security UK & Ireland, said AI may be the driving force needed to bridge the speed gap between security and attackers. “The slight decline from last year in the overall cost of a data breach in the UK suggests the powerful impact security AI and automation may already be having on early adopters,” he added.