IBM Security report reveals huge business data breach costs

IBM Security’s report suggests that UK organisations face costs of £3.4m (US$5.1m) for data breaches, but that AI will help to reduce damage to businesses

IBM Security has released its annual Cost of a Data Breach Report for 2023 which confirms that the average cost of a data breach to UK organisations is £3.4m (US$5.1m). 

The company reported that the global average cost of data breaches reached US$4.5m this year, but of 95% of those surveyed having experienced one breach, only 51% plan to increase security investments.

AI and automation have the biggest impact on UK businesses’ speed of breach identification and containment. IBM stated in its report that organisations that have already deployed these tools paid an average of £1.6m (US$2m) less than those who did not leverage the technology.

Global businesses without security infrastructure incur higher costs

With the ever-increasing risks of cyber fraud, cyber-attacks and identity fraud have increased in scale and sophistication. It is important for businesses and organisations to continue to combat continued ransomware and phishing attacks on global businesses, using AI as a tool to do so.

Currently, only 28% of UK organisations are currently working with AI and automation for security purposes. IBM’s report suggests that leveraging security AI and automation, the average time to identify a breach is reduced from 220 to 148 days. In addition, it highlights that the time to contain such a breach is reduced from 81 to 45 days.

Martin Borrett, Technical Director of IBM Security UK & Ireland, said: “With a 108-day average reduction in the breach lifecycle, security AI and automation may be the driving force needed to help defenders bridge the speed gap with attackers. 

“The slight decline from last year in the overall cost of a data breach in the UK suggests the powerful impact security AI and automation may already be having on early adopters.”

On the other hand, global victims of ransomware attacks that chose not to involve law enforcement faced US$470,000 in extra costs, according to IBM.

According to the study, organisations that deployed security AI and automation extensively throughout security operations and within several different toolsets and capabilities – paid significantly less in data breach costs than organisations that did not use these technologies. 

37% of UK organisations surveyed have not yet adopted these technologies. This year’s report does show a decrease in the total average cost of a data breach in the UK, but still marks a 9% increase since 2020.

Expense and consequence: the cost of critical cybersecurity technologies

IBM also reported that only one third of studied breaches were detected by an organisation’s own security team, compared to 27% that were disclosed by an attacker. Data breaches disclosed by the attacker cost nearly US$1m more on average compared to studied organisations that identified the breach themselves.  

With increased hybrid working across the world in the wake of the COVID-19 pandemic, plenty of cybersecurity challenges are presented that inevitably impact remote working. IT and cybersecurity teams are tasked with ensuring that company infrastructure is equipped to be able to securely handle this ever-evolving working environment.

Indeed, security analysts have already admitted in another report that their organisations may have already experienced a cyber breach without their knowledge. Vectra AI recently suggested that 71% of organisations may have experienced a data or cyber breach and not know about it, with a report stating that security technologies need to be updated.

The IBM report also found that stolen or compromised credentials was the most common entry point for cyber attackers at 13%. Malicious insiders were the most expensive initial attack vector (£3.9 million/US$5m), followed by business email compromise (£3.86 million/US$4.95m) and phishing (£3.85 million/US$4.94).

Globally, phishing attacks alone have risen by 464% since 2022 which stresses the urgency of combatting increased cyber attacks.


For more insights into the world of Technology - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - AI Magazine | Technology Magazine

Please also check out our upcoming event - Sustainability LIVE in London on September 6-7 2023.


BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability Leaders, Procurement & Supply Chain Leaders, Technology & AI Leaders, Cyber Leaders, FinTech & InsurTech Leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare + Food & Drink.

BizClik – based in London, Dubai, and New York – offers services such as Content Creation, Advertising & Sponsorship Solutions, Webinars & Events.


Featured Articles

UK police cyberattack a reminder of third party risk

Cyber criminals use back-door suppliers cyberattack to spread alarm through Britain's biggest police force

Building Cyber Resilience into ‘OT in Manufacturing’ webinar

Join Acronis' webinar, Building Cyber Resilience into ‘OT in Manufacturing’, 21st September 2023

Trustwave report on hospitality industry security threats

Nearly 31% of hospitality organisations have reported a data breach in their company’s history, according to a Trustwave cybersecurity report

Barracuda Managed XDR uses AI to uncover cyber incidents

Technology & AI

Imperva: 32% of work data breaches could have been avoided

Operational Security

Supply chain cyberattacks seen as catastrophic for business

Cyber Security