Security teams are getting better at detecting and responding to breach incursions, but attackers are inflicting greater pain on organizations’ bottom lines. IBM’s recent Cost of a Data Breach Report 2024 found the global average breach hit a record $4.88 million. That’s a 10% increase from 2023 and the largest spike since the pandemic.

While the study notes that organizations, on average, improved their time to identify and contain breaches, rising business costs drove the global average breach cost higher. Among the largest contributors were lost business costs, expenses from post-breach customer support (such as setting up help desks and credit monitoring services) and paying regulatory fines. Some 70% of the 604 organizations studied reported that their operations were either significantly or moderately disrupted.

The new research, conducted independently by Ponemon Institute and analyzed by IBM, studied breached organizations from 16 countries and regions and across 17 industries. It also included interviews with 3,556 security and business professionals from the breached organizations. In its 19th year, the Cost of a Data Breach Report provides actionable insights and up-to-date research, making it a critical benchmark for the industry.

While the report’s findings suggest some damages from a breach are unavoidable, they also highlight several risk areas that security teams can and should address. For instance, the findings underscore the growing importance of security AI and automation technologies for mitigating breach impacts and lowering costs associated with those breaches.

Below are those takeaways and several others from the Cost of a Data Breach Report 2024.

AI and automation in security most effective at reducing average costs

More organizations are adopting AI and automation in their security operations, up 10% from the 2023 report. And most promising, the use of AI in prevention workflows had the highest impact in the study, reducing the average cost of a breach by $2.2 million, compared to organizations that didn’t deploy AI in prevention.

Two out of three organizations in the study deployed AI and automation technologies across their security operations center. This factor may also have contributed to the overall decrease in average response times – those using AI and automation saw their time to identify and contain a breach lowered by nearly 100 days on average.

Only 20% of organizations said they are using gen AI security tools, yet those that did saw a positive impact, with gen AI security tools shown to mitigate the average cost of a breach by more than $167,000.

Read the report

Security staffing shortages led to higher breach costs and more security investment

Staffing shortages in security departments continued to grow, with 53% of organizations facing a high-level skills shortage, up 26% from 2023. The industry-wide skills shortage could be expensive for organizations. Those with severe staffing shortages experienced breach costs that were $1.76 million higher on average than those with low-level or no security staffing issues.

These staffing shortages may be contributing to the increasing use of security AI and automation, which has been shown to reduce data breach costs. At the same time, staffing shortages may see some ease, as businesses reported they intend to increase security investments as a result of the breach. Organizations planned investments including threat detection and response tools like SIEM, SOAR and EDR, according to the report. Organizations also plan to increase investments in identity access management, and data protection tools.

These additional investments could pay off in mitigating future breach costs. More organizations in 2024 identified the breach with their own security teams and tools (42%) compared to last year (33%), and those organizations had lower than average breach costs, including nearly $1 million lower on average than breaches that were identified by the attacker, such as in an extortion attack.

Cloud and data security issues remained prominent

Forty percent of breaches involved data stored across multiple environments including public cloud, private cloud and on-premise. These multi-environment breaches cost more than $5 million on average and took the longest to identify and contain (283 days), highlighting the challenge of tracking and safeguarding data, including shadow data, and data in AI workloads, which can be unencrypted.

The types of data records stolen in these breaches underscored the growing importance of protecting an organization’s most sensitive data, including customer personal identifying information (PII) data, employee PII, and intellectual property (IP). Costs associated with customer PII and employee PII records were the highest on average.

Customer PII was involved in more breaches than any other type of record (46% of breaches). However, IP may grow even more accessible as gen AI initiatives bring this data out in the open. With critical data becoming more dynamic and available across environments, businesses will need to assess the specific risks of each data type and their applicable security and access controls.

What else is new in the 2024 Cost of a Data Breach Report

Each year poses new data security challenges as threats and technologies emerge, and this report evolved to reflect these changes. New research conducted for the first time this year in the 2024 Cost of a Data Breach Report included:

  • Organizations experiencing long-term operational disruption, and the time it takes to restore data, systems or services to their pre-breach state
  • To what extent organizations are using AI and automation in each of four areas of security operations: prevention, detection, investigation and response
  • How long it took organizations to report the breach if they were mandated to do so
  • Whether organizations that involved law enforcement following a ransomware attack paid the ransom

Of course, the report continues to showcase the top costliest geographies and industries, the initial causes of data breaches and their costs, and much more. Importantly, the report continues to provide recommendations from IBM experts, addressing the report findings, to help organizations understand the risks and how to mitigate the impacts and potential costs of a data breach.

Download a copy of the 2024 Cost of a Data Breach Report, and sign up for the Cost of a Data Breach webinar on Tuesday, August 13, 2024, at 11:00 a.m. ET.

More from Risk Management

2024 roundup: Top data breach stories and industry trends

3 min read - With 2025 on the horizon, it’s important to reflect on the developments and various setbacks that happened in cybersecurity this past year. While there have been many improvements in security technologies and growing awareness of emerging cybersecurity threats, 2024 was also a hard reminder that the ongoing fight against cyber criminals is far from over.We've summarized this past year's top five data breach stories and industry trends, with key takeaways from each that organizations should note going into the following…

Black Friday chaos: The return of Gozi malware

4 min read - On November 29th, 2024, Black Friday, shoppers flooded online stores to grab the best deals of the year. But while consumers were busy filling their carts, cyber criminals were also seizing the opportunity to exploit the shopping frenzy. Our system detected a significant surge in Gozi malware activity, targeting financial institutions across North America. The Black Friday connection Black Friday creates an ideal environment for cyber criminals to thrive. The combination of skyrocketing transaction volumes, a surge in online activity…

How TikTok is reframing cybersecurity efforts

4 min read - You might think of TikTok as the place to go to find out new recipes and laugh at silly videos. And as a cybersecurity professional, TikTok’s potential data security issues are also likely to come to mind. However, in recent years, TikTok has worked to promote cybersecurity through its channels and programs. To highlight its efforts, TikTok celebrated Cybersecurity Month by promoting its cybersecurity focus and sharing cybersecurity TikTok creators.Global Bug Bounty program with HackerOneDuring Cybersecurity Month, the social media…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today