August 20, 2024 By Jonathan Reed 2 min read

Industrial organizations recently received a report card on their performance regarding data breach costs. And there’s plenty of room for improvement.

According to the 2024 IBM Cost of a Data Breach (CODB) report, the average total cost of a data breach in the industrial sector was $5.56 million. This reflects an 18% increase for the sector compared to 2023.

These figures place the industrial sector in third place for breach costs among the 17 industries studied. On average, data breaches cost industrial organizations 13% more than the $4.88 million global average.

Clearly, the industrial sector is facing strong headwinds when it comes to dealing with data breaches. Let’s take a closer look at some of the challenges tied to the sector, as well as solutions that can help reduce the impact of cyberattacks on industrial organizations.

Highest increase in cost of data breach

The industrial sector experienced the highest data breach cost increase of all industries surveyed in the 2024 COBD report, rising by an average of $830,000 per breach over last year. Organizations in this sector are highly sensitive to operational interruptions since a manufacturing plant shutdown can be devastating. For example, unplanned downtime, perhaps due to ransomware, could cost up to $125,000 per hour.

Part of the problem may be found in the time to identify and contain a data breach at industrial organizations. At 199 days to identify and 73 days to contain, this is above the global average of 194 days to identify and 64 days to contain.

The 2024 COBD report also revealed the root causes of a data breach for industrial organizations, which are:

  • Malicious attack (47%)
  • IT failure (26%)
  • Human error (27%)
Read the report

Regulations for the industrial sector

The industrial sector faces unique regulations that also may contribute to data breach costs. For example, the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) applies to the energy sector, requiring stringent cybersecurity measures to protect the bulk power system. This includes asset management, personnel training, incident reporting and recovery plans​. Non-compliance with NERC CIP standards can result in fines of up to $1 million per day per violation, highlighting the critical importance of adhering to these cybersecurity measures​.

Furthermore, the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) aims to mandate how critical infrastructure organizations will be required to report cyber incidents to the federal government. Within the realm of critical infrastructure, a large part of the industrial sector will be required to adhere to these requirements as well.

Industrial sector cybersecurity needs

The industrial sector requires specialized cybersecurity solutions due to its reliance on operational technology (OT) and industrial control systems (ICS). Also, the interconnected nature of industrial supply chains makes vendor risk management and secure communication channels imperative.

For the industrial sector, hybrid cloud environments are evolving and scaling faster than ever, creating a larger and more complex attack surface. To meet these demands, Security Information and Event Management (SIEM) can help industrial organizations detect and prioritize threats. SIEM provides real-time visibility, enabling the rapid identification and response to potential security incidents.

AI and automation cut data breach costs

The 2024 CODB report also revealed that only 32% of industrial organizations implement extensive use of security AI and automation. Meanwhile, a $1.9 million cost savings was shown with extensive use of security AI and automation versus no security AI and automation.

AI-powered automation can accelerate threat response dramatically and drive down data breach costs considerably. For industrial organizations, this can minimize business risk while reducing damages and service interruptions.

Let’s hope that next year’s CODB report will show a new trend for the industrial sector, one that reveals costs are coming down.

More from Data Protection

Third-party access: The overlooked risk to your data protection plan

2 min read - A recent IBM Cost of a Data Breach report reveals a startling statistic: Only 42% of companies discover breaches through their own security teams. This highlights a significant blind spot, especially when it comes to external partners and vendors.The financial stakes are steep. On average, a data breach affecting multiple environments costs a whopping $4.88 million. A major breach at a telecommunications provider in January 2023 served as a stark reminder of the risks associated with third-party relationships. In this…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today