How companies and consumers are being affected
Of all the data breaches analyzed by IBM Canada, financial services and technology companies experienced the costliest breaches, with average costs of $9.28 million and $7.84 million, respectively. Phishing attacks were the most common type of initial attack vector, representing 14% of incidents and costing an average of $6.38 million per breach.
According to the report, organizations with extensive use of AI and automation in their security operations had breach lifecycles that were 54 days shorter and cost $2.84 million less on average compared to companies not using these technologies. Additionally, employee training and identity and access management were identified as key factors in helping to reduce data breach costs.
The report also highlighted the importance of having proper storage and management of data, since 33% of breaches involved data stored across multiple environments and 31% involved data stored solely on the public cloud. Breaches solely involving the public cloud were also the most expensive to remediate, at $6.74 million on average.
While this may raise many red flags for compnaies and its employees, the costs of these breaches are passed down to consumers, with 63% percent of organizations worldwide stated they would increase the cost of goods or services because of the breach this year. This is a slight increase from last year (57%).
For a third consecutive year, the majority of studied organizations stated they would take this action.
Empower your investments with Qtrade
Discover Qtrade's award-winning platform and take control of your financial future. With user-friendly tools, expert insights, and low fees, investing has never been easier.
Start Trading TodayWhat does cyber attacks look like on a global scale?
When traversing beyond the Canadian border and scrutinizing threat actors' cyber hacking tendencies worldwide, stolen/compromised credentials was the most common initial attack vector, at 16%. These breaches also took the longest to identify and contain at nearly 10 months.
By bringing in law enforcement, ransomware victims saved on average nearly USD$1 million in breach costs compared to those who didn't – those savings excluded the ransom payment for those that paid. Most ransomware victims (63%) who involved law enforcement were also able to avoid paying a ransom.
Similar to Canada, critical infrastructure organizations are the most sought after by hackers, with healthcare, financial services, industrial, technology and energy organizations incurring the highest breach costs across industries.
For the 14th year in a row, healthcare participants saw the costliest breaches across industries with global average breach costs reaching USD$9.77 million.
Research methodology
The report is based on an analysis of 604 organizations globally between March 2023 and February 2024. It is conducted by Ponemon Institute, and sponsored and analyzed by IBM. It has been published for 19 consecutive years and has studied the breaches of more than 6,000 organizations. To calculate the average cost of a data breach, IBM excluded very small and very large breaches. Data breaches examined in the 2024 report ranged in size between 2,100 and 113,000 compromised records.
Sponsored
Trade Smarter, Today
Build your own investment portfolio with the Investor's Edge online and mobile trading platform and enjoy low commissions. Get up to $100 in commission-free options until October 31, 2024.