IBM Security recently released its annual Cost of a Data Breach Report, which revealed that South African organizations faced an average data breach cost of R49.45 million in 2023.
This figure marks an all-time high for the report, with an 8% increase over the last three years and a staggering 73% increase since South Africa was first included in the report eight years ago.
Rising Per Record Average Cost
The report highlighted that the per-record average cost of data breaches also reached an all-time high at R2,750, representing a significant 20% increase from R2,300 in 2021.
Breakdown of Breach Costs
The cost breakdown of data breaches showed that detection and escalation costs accounted for the highest portion at R20.88 million.
This indicated a shift towards more complex breach investigations. Following this, costs associated with lost business were R13.56 million, post-breach responses were R13.29 million, and notifying relevant stakeholders amounted to R1.72 million.
Sector-Specific Data Breach Costs
The financial sector experienced the highest average costs of data breaches, totaling R73.1 million, according to the 2023 IBM report.
The industrial and services sectors followed, with R71.37 million and R58.78 million, respectively.
Common Cyber Threats
The most common initial attack vectors in South Africa were stolen or compromised credentials and phishing scams, at 14% each.
Compromised business emails accounted for 12% of attacks, while cloud misconfiguration was responsible for 11% of breaches. Globally, the study found that 95% of organizations surveyed, including those in South Africa, had experienced more than one breach.
Interestingly, breached organizations were more likely to pass incident costs onto consumers (57%) than to increase security investments (51%).
Modernizing Security Strategies with AI and Automation
Ria Pinto, General Manager and Technology Leader at IBM South Africa, emphasized that the financial sector, being the most targeted, requires enhanced protection of financial data.
Pinto suggested modernizing perimeter security strategies using zero-trust security solutions underpinned by AI and automation to increase cyber resiliency and manage risks in compliance with data privacy policies like the Protection of Personal Information Act (POPIA).
Impact of AI and Automation on Breach Identification and Containment
The report emphasized that AI and automation had a significant impact on the speed of breach identification and containment for studied organizations.
Those extensively utilizing AI and automation experienced a data breach lifecycle 95 days shorter compared to those that did not deploy these technologies (190 days versus 285 days).
Furthermore, extensively deploying security AI and automation resulted in nearly R10.49 million lower data breach costs on average, making it the most significant cost-saving measure identified in the report.
Despite this, only 28% of surveyed organizations extensively implemented these technologies, indicating a substantial opportunity for organizations to enhance detection and response speeds.
Focus on Early Detection and Response
Chris McCurdy, General Manager, Worldwide IBM Security Services, highlighted the importance of early detection and fast response in cybersecurity.
He stressed the need for security teams to focus on preventing adversaries from achieving their goals. Investments in threat detection and response approaches like AI and automation are crucial to tipping the balance in favor of defenders.
Key Findings and Insights
The 2023 Cost of a Data Breach Report is based on an in-depth analysis of real-world data breaches experienced by 553 organizations globally (including 21 in South Africa) between March 2022 and March 2023.
The research, sponsored and analyzed by IBM Security, was conducted by Ponemon Institute and has been published for 18 consecutive years.
Breaches Across Multiple Environments and the Incident Response Advantage
The report also revealed that over 51% of data breaches studied resulted in data loss across multiple environments, including public cloud, private cloud, and on-premises. This showed attackers’ ability to compromise multiple environments while evading detection and led to higher costs (averaging R51.49 million).
Furthermore, studied organizations with a high-level incident response (IR) team and those with a robust IR plan with regular testing experienced average data breach costs that were R2.96 million and R2.92 million lower, respectively, than those with low-level or no use of an IR approach.