IBM has released its annual Cost of a Data Breach Report revealing the average cost of a data breach in South Africa reached R53.10 million in 2024, as breaches grow more disruptive and further expand demands on cyber teams.
Globally, 70% of breached organisations reported that the breach caused significant or very significant disruption.
Lost business and post-breach customer and third-party response costs drove the year-over-year cost spike worldwide, as the collateral damage from data breaches has only intensified. The disruptive effects data breaches are having on businesses are not only driving up costs but are also extending the after-effect of a breach. Globally, recovery took more than 100 days for most of the small number (12%) of breached organisations that were able to fully recover.
The 2024 Cost of a Data Breach Report is based on an in-depth analysis of real-world data breaches experienced by 604 organisations globally between March 2023 and February 2024. The research, conducted by Ponemon Institute, and sponsored and analysed by IBM, has been published for 19 consecutive years and has studied the breaches of more than 6,000 organisations, becoming an industry benchmark.
Some key findings in the 2024 IBM report for South Africa include:
- AI-powered security pays off – 78% of organisations studied are deploying security AI and automation across their security operation center (SOC), a nearly 10% jump from the prior year. When these technologies were used extensively, local organisations incurred an average of R19 million less in breach costs, compared to those without security AI and automation deployments.
- Hacking the clock with AI – Organisations that employed security AI and automation extensively detected and contained an incident, on average, 88 days faster than companies not using these technologies.
- Stolen credentials topped initial attack vectors – At 17%, stolen/compromised credentials were the most common initial attack vector, at an average total cost of R56.02 million per breach, followed by phishing at 12% of cases (R56.31 million). Business email compromise was the most expensive entry point (R63 million) at 10% of breaches studied.
- Data visibility gaps – According to the 2024 report, 49% of breaches involved data stored across multiple environments including public cloud, private cloud and on-prem. These breaches were also the most expensive at R59 million on average and took the longest to identify and contain (263 days).
- Industries impacted – In South Africa, financial services participants saw the costliest breaches across industries with average costs reaching R75.31, followed by the industrial sector (R67.26) and hospitality (R61.76).
- Data breach lifecycle – Organisations studied needed an average of 227 days to identify and contain incidents, 31 days below the global average for the data breach lifecycle, which was 258 days.
- Key factors that increased costs – The top three factors that amplified breach costs for local organisations were security system complexity, security skills shortage and non-compliance with regulations.
“South African organisations are facing cyber threats and data breaches at an exponential rate, and this highlights the urgent need for robust cyber security measures. As the complexity and frequency of these threats continue to grow, deploying AI-driven security solutions becomes crucial in safeguarding our national digital infrastructure,” said Ria Pinto, General Manager and Technology Leader, IBM South Africa.
“AI-driven security solutions can support the detection and mitigation of risks more efficiently. They are also critical in fortifying the defenses of our organisations to help ensure business resiliency and empower organisations to navigate the evolving cyber landscape securely and confidently.”
Security staffing shortages drove up breach costs
More than half of the organisations studied globally had severe or high-level staffing shortages last year and experienced significantly higher breach costs as a result (US$5.74 million for high levels vs. US$3.98 million for low levels or none). This comes at a time when organisations are racing to adopt generative AI (gen AI) technologies, which are expected to introduce new risks for security teams. In fact, according to a study from the IBM Institute for Business Value, 51% of business leaders surveyed were concerned with unpredictable risks and new security vulnerabilities arising, and 47% were concerned with new attacks targeting AI.
Mounting staffing challenges may soon see relief, as more organisations worldwide stated that they are planning to increase security budgets compared to last year (63% vs. 51%), and employee training emerged as a top planned investment area. Globally, organisations also plan to invest in incident response planning and testing, threat detection and response technologies (e.g., SIEM, SOAR and EDR), identity and access management and data security protection tools.
Other global key findings in the 2024 Cost of a Data Breach Report include:
- Increased internal detection – 42% of breaches were detected by an organisation’s own security team or tools compared to 33% the prior year. Internal detection shortened the data breach lifecycle by 61 days and saved organisations nearly US$1 million in breach costs compared to those disclosed by an attacker.
- Fewer ransoms paid when law enforcement is engaged – By bringing in law enforcement, ransomware victims saved on average nearly US$1 million in breach costs compared to those who didn’t. Those savings exclude the ransom payment for those that paid. Most ransomware victims (63%) who involved law enforcement were also able to avoid paying a ransom.
- Breach costs passed to consumers – Sixty-three percent of organisations worldwide stated they would increase the cost of goods or services because of the breach this year, a slight increase from last year (57%). This marks the third consecutive year that the majority of studied organisations stated they would take this action.