UK Data Breach costs climb to £3.58m, Financial Sector hit hard
By Gloria Methri
The average cost of a data breach in the UK rose to £3.58 million between March 2023 and February 2024, marking a 5% increase from the previous year and reversing a previous decline. Financial services saw the costliest breaches, followed by professional services and technology sectors, each averaging over £5.4 million per breach.
The 19th annual IBM Cost of a Data Breach report highlights the growing disruption and collateral damage caused by cyber-attacks. Increased costs are largely due to lost business and post-breach responses, with recovery taking over 100 days for the minority (12%) who manage it.
The 2024 Cost of a Data Breach Report is based on an in-depth analysis of real-world data breaches experienced by 604 organisations globally between March 2023 and February 2024. More than half of the organisations had severe or high-level staffing shortages last year, which resulted in an average of $1.76 million in higher breach costs.
The report also revealed that stolen or compromised credentials were the most common initial attack vector, at 15%, representing an average total cost of £4.27 million per breach. Phishing was next, at 12% (£3.59 million), and Business Email Compromise was at 11% (£4.03). Malicious insiders were the most expensive entry point (£4.36) at 10% of breaches studied.
This comes at a time when organisations are racing to adopt next-generation AI technologies, which are expected to introduce new risks for security teams.
“In a landscape marked by increasing cyber threats, this year’s report highlights critical vulnerabilities and strategic opportunities,” said Martin Borrett, Technical Director, IBM Security UKI. “Worldwide, organisations with severe security staffing shortages were affected by a substantial rise in breach costs. Security AI and automation are effective in supporting team efforts to identify and accelerate incident response, helping UK companies reduce both breach expenses and business impact. Robust, AI-driven security measures are essential, and addressing regulatory non-compliance and IoT vulnerabilities remains crucial.”
Hacking the clock with AI
UK organisations that extensively employed security AI and automation detected and contained an incident, on average, 106 days faster than organisations not using these technologies. When AI and automation technologies were used extensively, organisations incurred an average of £1.06 million less in breach costs compared to those without AI and automation deployments.
Matthew Evans, Chief Operating Officer and Director of Markets, techUK, said, “The IBM 2024 Cost of a Data Breach report underscores the urgent need for businesses to invest in robust security measures, including AI-powered prevention and automation technologies. As organisations continue to adopt generative AI technologies, addressing the new security vulnerabilities that come with them and prioritising investments in security staffing and training is crucial. By enhancing security measures and leveraging advanced technologies, businesses can better protect their data and mitigate the far-reaching impacts of breaches.”
IBSi Daily News Analysis
IBSi FinTech Journal
- Most trusted FinTech journal since 1991
- Digital monthly issue
- 60+ pages of research, analysis, interviews, opinions, and rankings
- Global coverage
Other Related News
September 09, 2024
One in five US consumers hit by identity fraud, seek security tips from billers
Read MoreSeptember 09, 2024