The average cost of a cyber breach is up to $10 million, but can be mitigated with defensive AI

While the cost of cybersecurity attacks increased 10% year-over-year — the largest annual increase since the pandemic — the use of artificial intelligence and automation in defensive cybersecurity workflows continues to cut the cost of a breach, according to IBM Security’s 2024 Cost of a Data Breach Report, conducted independently by the Ponemon Institute.

Key recommendation: Invest in AI-powered defenses to “address emerging risks and opportunities created by AI,” Kevin Skapinetz, vice president of product strategy and design at IBM Security, said in Tuesday’s announcement.

AI can reduce the severity of breaches

When used “widely,” organizations saved an average of $2.2 million in breach costs compared to those that did not use AI-driven defenses in their security processes, the company said, marking the largest cost savings in its annual study.

Now in its 19th year, IBM’s benchmark study analyzed real-world data breaches experienced by 604 organizations globally from March 2023 to February 2024.

The use of generative AI for business operations has grown rapidly across many industries, expanding the attack surface and introducing new risks for security teams.

“These costs will soon become unsustainable,” Skapinetz said in a statement.

In healthcare, the most impacted industry for the 14th consecutive year, data automation and AI integration leverage electronic health records and other systems, such as patient portals. Many vendors now offer chatbot-based access to machine learning algorithms that streamline operations and reduce the administrative burden that plagues the healthcare ecosystem.

Across industries, researchers found that 67% of organizations have deployed AI analytics and security automation — up nearly 10% year-over-year — while 20% noted they use some form of machine learning-based security tools.

Researchers found that the increased use of AI tools in security cuts the cost of a breach by an average of $2.2 million. Two out of three organizations studied this year are deploying security AI and automation across their security operations centers.

Law enforcement is another key to cost savings. Ransomware victims save an average of nearly $1 million in breach costs by engaging such agencies.

While 70% of breached organizations reported that attacks caused significant disruption, the global average data breach lifecycle reached a seven-year low of 258 days — down from 277 days in the 2023 report. By improving threat mitigation and remediation activities and using AI and security automation extensively to detect and prevent cyber incidents, security teams have saved time, the researchers said in a statement.

On average, it’s 98 days faster than organizations that don’t use these technologies, according to the analysis.

More money for the tech workforce

Organizations are also facing more severe staffing shortages, with the average total cost of a breach reaching $5.74 million for high-level shortages compared to $3.98 million for lower-level shortages, according to the report.

Since last year’s study, shortages have increased by 26%, resulting in average breach recovery costs $1.76 million higher than those with few or no security staffing issues.

As a result, more organizations said they were planning to increase their security budgets compared to last year – 63% compared to 51% – to address gaps in resources and technical skills.

Increasing employee training is a top investment priority, researchers say.

Violation detected due to data display gap

The breaches that took the longest to identify and contain – an average of 283 days – involved data stored across multiple environments, including public cloud, private cloud, and on-premises.

These types of breaches accounted for 40% of the breaches studied, with an average recovery cost of more than $5 million.

Notably, a 27% increase in intellectual property theft pushed costs up nearly 11% year-over-year to $173 per record.

The researchers also said adding genAI to the network pushes data closer to the surface, and attributed the most common initial attack vector to stolen or compromised credentials (16%).

Data exchange initiatives break down barriers aimed at streamlining operations and complying with information sharing requirements across many industries, including healthcare.

With more activity across multiple environments, organizations must reassess security and access controls, researchers say.

Passing the extra costs on to consumers

While organizations said they plan to invest more in incident response plans, testing, threat detection and response technologies, and better identity and access management, 63% of organizations said they will increase consumer spending on goods or services due to a breach this year.

“Businesses are caught in a constant cycle of breaches, containment, and responding to the consequences,” Skapinetz said in a statement.

“This cycle now often includes investments in beefing up security defenses and shifting the cost of a breach onto consumers – turning security into a new cost of doing business.”

According to KFF’s recent report on health care cost challenges in the United States, health care costs are expected to increase by 8% over the next year, and more than one in four adults say they skipped or postponed getting health care they needed in the previous 12 months because of cost.

Rising costs for whatever reason can ultimately impact access to health care.

Andrea Fox is senior editor of Healthcare IT News.
Email: [email protected]
Healthcare IT News is a publication of HIMSS Media.

The HIMSS Healthcare Cybersecurity Forum is scheduled to take place October 31 through November 1 in Washington, DC. Learn more and register.