New research has outlined how the average cost of data breaches for UK companies is continuing to rise, with customers potentially bearing the brunt.
A report from IBM claims a 5% increase over the course of 2024 so far brings the average data breach cost to £3.58 million per incident.
This figure grows to an eye-watering £6.05 million for attacks in the financial sector, followed by over £5.51m in professional services, and £5.4 million in tech.
Lengthy recovery periods
Stolen credentials and phishing attacks were the leading tactic deployed as initial attack vectors in data breaches, leading to an average cost of £$.27 million and £3.59 million respectively.
As collateral damage has been amplified, over 60% of organisations worldwide have stated that they will increase the cost of goods and services this year as a result of breaches and the associated costs.
Globally, only 12% of breached organisations said they were able to fully recover from a data breach, with most taking over 100 days to do so, with internal detection usually saving a company up to $1 million and shortening the process by 61 days in comparison to incidents disclosed by an attacker.
Severe IT staffing shortages worldwide have resulted in higher breach costs, pushing companies to increase security budgets and invest in staff training. Also driving up costs are the disruption to business, and post-breach third party and customer responses.
Companies can try to mitigate the damage, with most ransomware victims who involve law enforcement avoiding paying the ransom (63%). Victims that used security AI and automation to detect and contain incidents were an average of 106 days faster than those without.
However, adopting Gen AI technologies are expected to introduce new risks for security teams, and 47% of business leaders surveyed were concerned with new attacks targeting AI, and 51% were apprehensive about new security vulnerabilities and unpredictable risks this may bring.
“In a landscape marked by increasing cyber threats, this year’s report highlights critical vulnerabilities and strategic opportunities,” said Martin Borrett, Technical Director, IBM Security UKI.
“Worldwide, organisations with severe security staffing shortages were affected by a substantial rise in breach costs. Security AI and automation are effective in supporting team efforts to identify and accelerate incident response, helping UK companies reduce both breach expenses and business impact. Robust, AI-driven security measures are essential, and addressing regulatory non-compliance and IoT vulnerabilities remains crucial.”
