Breaches of organizations that employ automation and AI in their security systems on average cost over $3 million less compared to businesses that have no such deployment. This takeaway comes from the latest annual Cost of a Data Breach report sponsored, analyzed and published by IBM Security™ using research conducted by the Ponemon Institute.

The Benefits of Automation Keep Growing

In 2021, the difference in cost between organizations with fully deployed automated security structures compared to those with no security automation in the report is a gap of USD 3.81 million.

The cost differences continue the trend indicated by previous Cost of a Data Breach reports of an increasingly wider gap between those with and without security automation shown in previous years. In 2020, organizations with a fully automated security structure paid USD 3.58 million less than those with no automation in place. The gap was USD 2.51 million in 2019.

Download the Report

At the same time, the share of businesses that have at least partially deployed security automation or AI increased six points from 2020 to 2021, from 59 percent to 65 percent. Respondents reporting fully deployed automation for the organizations in the same period went from 21 percent to 25 percent, while those respondents claiming partially deployed automation grew from 38 percent to 40 percent.

Automation and AI dramatically reduce the days needed to identify and contain a data breach. For organizations with fully deployed security AI or automation, it took an average of 184 days to identify the breach and 63 days to contain the breach, for a total lifecycle of 247 days. Organizations with no security AI or automation deployed took an average of 239 days to identify the breach and 85 days to contain, for a total lifecycle of 324 days.

To put this difference of 77 days into perspective, for fully deployed organizations, a breach occurring on 1 January would on average take until 4 September to identify and contain. In contrast, for organizations with no automation deployed, a breach on 1 January would take on average until 20 November to identify and contain.

The time it takes to identify and contain a breach has consistently been correlated with the overall cost of a breach. The longer threat actors are in an environment, the more opportunities they have to cause damage to systems and the broader the infection can become. Simply put, when it comes to breaches, time is money. Automation helps significantly reduce this time to find and repair any issues earlier and reduce costs associated with a data breach.

Automation and AI Benefits Extend Beyond Breaches

Automation and AI also act as force multipliers for an organization, increasing the effectiveness of the existing workforce while assuming responsibilities for mundane tasks. Beside saving costs, this gives security officers at a business more time and resources to focus on data breaches.

Additionally, some industries have extra regulatory requirements around their data, such as healthcare and finance. Automation and AI can parse different streams of data from different sources to maintain regulatory compliance. The healthcare and finance industries in particular have invested more resources in automation and AI for cybersecurity in recent years.

The process of incorporating security automation and AI can be challenging and complex to implement if there are no experts in the field within an organization. Fortunately, IBM Security offers external expertise to assist in fulfilling this need.

Take Time to Discover More

This blog is the third in a series covering security measures organization leaders can take to address data breaches, following zero trust and risk quantification. The next installment addresses a final element to consider, cloud security. For an overview of all these issues, read the report to learn more about what options exist to address a data breach.

More from Artificial Intelligence

X-Force releases detection & response framework for managed file transfer software

5 min read - How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response guidance being released by the various security vendors had many similarities (e.g., Log4shell vs. Log4j2 vs. MOVEit vs. Spring4Shell vs. Microsoft Exchange vs. ProxyShell vs.…

Unmasking hypnotized AI: The hidden risks of large language models

11 min read - The emergence of Large Language Models (LLMs) is redefining how cybersecurity teams and cybercriminals operate. As security teams leverage the capabilities of generative AI to bring more simplicity and speed into their operations, it's important we recognize that cybercriminals are seeking the same benefits. LLMs are a new type of attack surface poised to make certain types of attacks easier, more cost-effective, and even more persistent. In a bid to explore security risks posed by these innovations, we attempted to…

Artificial intelligence threats in identity management

4 min read - The 2023 Identity Security Threat Landscape Report from CyberArk identified some valuable insights. 2,300 security professionals surveyed responded with some sobering figures: 68% are concerned about insider threats from employee layoffs and churn 99% expect some type of identity compromise driven by financial cutbacks, geopolitical factors, cloud applications and hybrid work environments 74% are concerned about confidential data loss through employees, ex-employees and third-party vendors. Additionally, many feel digital identity proliferation is on the rise and the attack surface is…

AI reduces data breach lifecycles and costs

3 min read - The cybersecurity tools you implement can make a difference in the financial future of your business. According to the 2023 IBM Cost of a Data Breach report, organizations using security AI and automation incurred fewer data breach costs compared to businesses not using AI-based cybersecurity tools. The report found that the more an organization uses the tools, the greater the benefits reaped. Organizations that extensively used AI and security automation saw an average cost of a data breach of $3.60…