Average 数据泄露 Cost Hits All-time High of $4.4M

According to IBM’s annual 数据泄露 report, the average cost of a data breach reached an all-time global high of $4.4500万，增加了2个.从2022年到2015年的3%.2020年以来的3%.

而4美元.45 million is the average across the 16 countries included in IBM’s survey of 553 organizations, breaches in the United States cost far more than the average. The 2023 average hit $9.4800万年, according to the report.

Health care organizations saw even more of a jump—the average cost of a breach for the sector rose 53.3% in the same period, IBM said in its 2023 report. This year was the thirteenth in a row when the health care sector reported the highest average breach cost (now at $10.9300万). The average cost per breached record increased slightly to a new high—up to $165 per record from $164 one year ago. This has jumped from $146 in 2020, IBM noted. The survey assessed breach events with a range of 2,200 to 102,000 records.

在调查中, the firm highlighted breach investigation tactics that could either reduce costs or increase them. 例如, organizations that didn’t call in law enforcement during ransomware attacks experienced an extra $470,000 in costs 平均 and faced longer recovery times.

“While 63% of respondents said they involved law enforcement, the 37% that didn’t paid 9.6% more and experienced a 33-day longer breach lifecycle,” IBM noted. Longer breaches, in general, produce higher than average costs—events stretching over 200 high $4.95 million 平均, while those at fewer than 200 days cost 23% less at $3.9300万年.

Threat detection costs appeared to drive the average breach cost, rising 42% in the last three years, according to the report, suggesting cyber event investigations have become more complex.  Just one in three respondents said their own security teams detected breaches—it was far more likely (67%) for third parties or attackers themselves to reveal intrusions. Organizations also faced nearly $1 million in extra costs when cyber threat actors disclosed breaches. Cyber attackers also showed an increasing preference for infiltrating the cloud – 82% of the breaches evaluated involved cloud data in public, 私人, 或者混合环境. When threat actors could access multiple environments, breach costs skewed even higher, 平均可达4美元.7500万年.

尽管成本更高, just 51% of organizations said they planned to increase their cybersecurity spending. Instead, more than half (57%) said they would pass the costs through to customers. Nearly all (95%) surveyed organizations had experienced more than one breach.

One area where organizations may want to invest more is in artificial intelligence tools to help detect breaches. Businesses leveraging AI and automation tools extensively in their networks identified and contained breaches, 平均, 108 days quicker than their less tech-forward counterparts and saw average costs of $1.76 million lower than other organizations.

“Time is the new currency in cybersecurity, both for the defenders and the attackers. 正如报告所示, early detection and fast response can significantly reduce the impact of a breach,克里斯·麦科迪说, 总经理, 在世界范围内, IBM安全服务, 在声明中. “Security teams must focus on where adversaries are the most successful and concentrate their efforts on stopping them before they achieve their goals. Investments in threat detection and response approaches that accelerate defenders’ speed and efficiency—such as AI and automation—are crucial to shifting this balance.”

网络风险 & Liabilities document is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice. ©2023 Zywave, Inc. 版权所有.