
Security AI and automation may reduce cost of data breaches

Organisations that go all in on security AI and automation tend to incur lower financial costs when they experience a data breach incident, according to an IBM report

The average cost of a data breach to a UK organisation now stands at £3.4m, but this figure drops by approximately £1.6m at organisations that have “extensively” deployed artificial intelligence (AI) and automation as part of their cyber security stack.

This is one of the key findings in the 18th edition of IBM’s annual Cost of a data breach report, which also revealed advanced security technology has a big impact on how quickly organisations can identify and contain data breaches, in some cases reducing the average breach lifecycle by 108 days.

However, it added, only 28% of UK organisations are currently deploying such technology extensively – by which IBM means throughout their security operations and in several different toolsets and capabilities – and 37% had not deployed anything of the sort.

“With a 108-day average reduction in the breach lifecycle, security AI and automation may be the driving force needed to help defenders bridge the speed gap with attackers,” said Martin Borrett, technical director of IBM Security for the UK and Ireland.

Overall, the average cost of a data breach in the UK today has dropped by approximately £400,000, from £3.8m to £3.4m, although it should be noted that this is 9% up on the total cost observed in the 2020 report, for which data would have been gathered prior to the outbreak of the Covid-19 pandemic.

“The slight decline from last year in the overall cost of a data breach in the UK suggests the powerful impact security AI and automation may already be having on early adopters,” said Borrett.

The 2023 dataset reveals the UK industries with the highest average data breach costs are those of finance (£5.3m), services (£5.2m) and technology (£4.9m).


The most common entry point for malicious actors was via stolen or compromised credentials, observed in 13% of cases, but the most expensive initial attack vector was found to be malicious insiders (£3.9m), followed by business email compromise (£3.86m) and phishing (£3.85m).

More widely, the average cost of a breach in the UK came in slightly below the global average, which hit an all-time high of $4.5m (£3.5m). Breaches affecting operators of critical national infrastructure were among the most expensive incidents, with an average cost of $5m per incident.

In nearly 40% of the cases studied, data breaches resulted in the loss of data across multiple environments – including both public and private clouds and on-premise.

IBM also reported that while 95% of organisations surveyed experienced more than one breach, only 51% had any plan to increase their security investment. This is a concerning statistic that takes on additional weight given the data showed that only a third of studied breaches were detected by the victim’s own security team, compared with 27% that were disclosed by the attacker, for example, via a name-and-shame leak site.

Furthermore, in instances where the attacker disclosed the breach, the incident cost an average of $1m more.
