© Copyright Acquisition International 2025 - All Rights Reserved.

Article Image - Average Cost of a Data Breach Reaches An All-Time High of $4.45m, But AI and Automation Continue to Save Time and Money
Posted 24th August 2023

Average Cost of a Data Breach Reaches An All-Time High of $4.45m, But AI and Automation Continue to Save Time and Money

IBM’s Cost of a Data Breach report has highlighted the increasing cost for companies that suffer a data breach. The report found that the average cost of a data breach is now at an all-time high of $4.45 million. This represents an increase from last year, up 2.3 percent and a mammoth 15.3 percent from the 2020 report.

Mouse Scroll AnimationScroll to keep reading

Let us help promote your business to a wider following.

Average Cost of a Data Breach Reaches An All-Time High of $4.45m, But AI and Automation Continue to Save Time and Money
AI Automation

The IBM Cost of a Data Breach 2023 report also highlights the consequences to smaller organisations as they face considerably higher data breach costs 

AJ Thompson, CCO, Northdoor plc  

IBM’s Cost of a Data Breach report has highlighted the increasing cost for companies that suffer a data breach. The report found that the average cost of a data breach is now at an all-time high of $4.45 million. This represents an increase from last year, up 2.3 percent and a mammoth 15.3 percent from the 2020 report. 

The report also highlighted that it is not just big business that is targeted by cyber criminals. All businesses no matter their size or market need to fully understand the threat they are facing and where vulnerabilities within their defences lie. 

 

Smaller organisations hit by considerably higher data breach costs 

The report found that in 2023 companies with more than 5,000 employees saw the average cost of a data breach actually decrease compared to last year. There might be a number of factors influencing this decrease, but certainly we have seen large organisations increase their spend on cyber defences over the past few months. 

However, smaller organisations, who might have paused or not increased spending on cyber defences in light of the uncertain economy have been hit by considerably higher data breach costs compared to 2022. Organisations with fewer than 500 employees saw average impact of a data breach increase from $2.92 million to $3.31 million or 13.4 percent. 

Those with 500-1000 employees saw an increase of 21.4 percent, from $2.71 million to $3.29 million and those in the 1001-5000 employee range saw the average cost of a data breach increase from $4.06 million to $4.87 million, a rise of nearly 20 percent. 

Still, too often, small businesses presume that they are not targeted by cyber criminals and that it is only enterprise level organisations under threat of being hacked. As the report confirms, this is not the case. All businesses, no matter their size or market have data that is potentially hugely valuable to cyber criminals and so by ignoring the threat, smaller businesses are putting themselves at risk. 

The cost of a data breach for the smallest companies, of on average, $3.31 million is huge and is more than enough to put them out of business. Therefore, instead of ‘saving’ money by not investing in cyber defences, all companies need to address the increasing threat from cyber criminals and ensure that their defences are able to keep them out and keep data safe.  

The cost of a breach inevitably trickles down to the consumer too. The report found that most organisations continue to increase the price of services and goods as a result of a data breach. 57 percent of respondents indicated that data breaches led directly to an increase in business offerings, passing on the cost to consumers. 

 

Phishing and stolen or compromised credentials responsible for majority of attacks 

The report also found that phishing and stolen or compromised credentials were the two most common initial attack vectors (the way for the attacker to enter a network or system). We have seen cyber criminals use increasingly sophisticated phishing attacks to target employees, which are often considered the ‘weakest link’ in the security defences of a company. This is reflected in the report with phishing attacks responsible for 16 percent of breaches and stolen or compromised credentials responsible for 15 percent. 

These were followed by cloud misconfiguration at 11 percent, followed by business email compromised at 9 percent. 

Companies, therefore, have to ensure that the weakest link in their security defences is strengthened considerably. The nature of the most recent phishing attacks means that employees have very little chance of being to filter out legitimate messages and malicious emails and need help in doing so.  

Encouragingly, the report suggests that businesses are doing exactly this. 

 

Majority of companies planning to increase security investments 

51 percent of businesses were planning to increase security investments because of a data breach. At a time where budgets are already stretched this is a really encouraging sign that companies are taking the threat, and consequences, of a cyber attack seriously. 

It is further encouraging where businesses are looking to spend the increased investment. The report found that incident response (IR) planning and testing, threat detection and response technologies were investment priorities, as was employee training. 

The latter is particularly significant given that phishing attacks are the most common way cyber criminals gain access to systems or network. Careful education of employees on what the threat looks like and how to deal with suspicious communication will be key in strengthening this ‘weakest’ element of cyber defence. There has to be a balance though. Too many messages can cause ‘security fatigue’ where employees, inundated with warnings, end up taking little notice of any of the messages, allowing malicious approaches to get through. Targeted, timely, education is the key.  

 

AI and automation save time and money 

The use of AI and automation solutions have had, according to the report, a real impact for businesses who use such solutions extensively within their defences. On average those companies with such solutions in place were able to identify and contain a breach 108-days shorter than those without. These companies also reported a $1.76 million lower data breach cost compared to organisations that didn’t have such capabilities.  

The time to identify the fact that a company has been breached is particularly significant. The recent hack of the elections watchdog highlights this. Not only were the details of tens of millions of voters potentially compromised it appears that the cyber criminals may have been in the system of the watchdog for some time, before being discovered. 

According to reports the attack was identified in October 2022, but the hackers had first been able to gain access to the commission’s systems in August 2021. This is a large amount of time for a cyber criminal to have, essentially, free reign, over systems and data. It gives them the time to understand where the most valuable data is stored and cause untold amounts of subtle damage all whilst the organisations is blissfully unaware of their presence. 

The use of AI and automation solutions, as highlighted in IBM’s Cost of a Data Breach report, has shown a significant reduction in the amount of time to discover a breach. Getting cyber criminals out of a system quickly reduces damage and potential cost. Therefore, any upfront investment in such technology can quickly show ROI. 

Whilst the report’s headlines will be focused on the ever-increasing cost of a data breach for most companies, there are, as has been discussed, a number of real positives. It seems that companies are recognising the real threat of cyber crime on their business and are willing to spend budget in order to close vulnerabilities and keep the criminal out. Ignoring the threat and ‘saving’ money by not investing in cyber defences is no longer an option.  

Cyber criminals are not going away and are only going to be increasing the number and level of sophistication of their attacks. Businesses must address the weak points of their defences, whether that be employees or vulnerabilities within their existing cyber solutions, or be prepared to pay a huge cost and possible loss of their business if they are hacked. 

Categories: Innovation, News


You Might Also Like
Read Full PostRead - Eye Icon
HOSTMAKER launches Bangkok branch
Finance
13/08/2018HOSTMAKER launches Bangkok branch

HOSTMAKER, the leading home rental management company in Europe, has today announced its launch into the Asian market, expanding into Bangkok, the world's most visited city.

Read Full PostRead - Eye Icon
Gen Z Is Coming: How Luxury Brands Can Survive and Thrive With the Next Generation 
News
20/07/2022Gen Z Is Coming: How Luxury Brands Can Survive and Thrive With the Next Generation 

Younger generations are continuing to encroach on the luxury market, and for brands it is important they get their share. Set to make up 50% of the whole market by 2025, Gen Zs and Millennials are fast becoming key stakeholders in the industry. For luxury bran

Read Full PostRead - Eye Icon
Advanced Enterprise Communication Solution
Innovation
09/04/2024Advanced Enterprise Communication Solution

Since its inception in 2002, CallTower has remained dedicated to delivering the world’s most advanced communications with its industry-leading Unified Communications as a Service (UCaaS), Contact Center as a Service (CCaaS) and Collaboration solutions.

Read Full PostRead - Eye Icon
Why digital could be the saviour of the UK high streets
Innovation
19/07/2019Why digital could be the saviour of the UK high streets

Time does not seem to be the best healer when it comes to the plight of UK high streets, with major retail losses making headlines in many national newspapers.

Read Full PostRead - Eye Icon
Alternative Assets No Longer Considered Alternative
Finance
22/07/2015Alternative Assets No Longer Considered Alternative

Alternative Assets No Longer Considered Alternative

Read Full PostRead - Eye Icon
A Guide To Keeping Your Business Compliant
Innovation
15/11/2019A Guide To Keeping Your Business Compliant

It is important to be compliant more than ever today in a time where data protection and cy-bersecurity are enormous topics that all business owners need to be wary of. Fortunately, it can be relatively straightforward to make sure that your business is compli

Read Full PostRead - Eye Icon
2016’s Most Innovative Hedge Fund Manager, Bermuda
Finance
30/06/20162016’s Most Innovative Hedge Fund Manager, Bermuda

Equilibria Capital is a highly innovative asset management company focused on managing investment funds and separate accounts for private and institutional clients.

Read Full PostRead - Eye Icon
Looking to Obtain Dual Citizenship? 4 Important Things to Consider
Legal
15/05/2023Looking to Obtain Dual Citizenship? 4 Important Things to Consider

With the world becoming increasingly connected, it's no surprise that more and more people are considering dual citizenship. In fact, if you want to obtain citizenship in the Caribbean, St Kitts and Nevis passport is one of the easiest to apply for.

Read Full PostRead - Eye Icon
Are Employees Stealing Time At Work? Tips On Preventing Time Theft In The Workplace
Leadership
20/07/2024Are Employees Stealing Time At Work? Tips On Preventing Time Theft In The Workplace

A minute or two one day and the same the next, over a week or so this can quickly add up. Time theft can be an expensive problem for any business, and it’s not always easy to spot it shows up in your operating budget.



Our Trusted Brands

Acquisition International is a flagship brand of AI Global Media. AI Global Media is a B2B enterprise and are committed to creating engaging content allowing businesses to market their services to a larger global audience. We have 14 unique brands, each of which serves a specific industry or region. Each brand covers the latest news in its sector and publishes a digital magazine and newsletter which is read by a global audience.

Arrow