The 2024 report reveals AI usage shortens breach lifecycles by 54 days and reduces costs by $2.84m
IBM has released its annual Cost of a Data Breach Report, showing that in 2024, Canadian organizations faced an average cost of $6.32m per data breach.
Financial services and technology companies experienced the highest costs, with breaches averaging $9.28m and $7.84m, respectively. Phishing attacks, which were the most common initial attack vector, accounted for 14 percent of incidents and cost an average of $6.38m per breach.
The report underscores the importance of Artificial Intelligence (AI) in cybersecurity, revealing that 61 percent of Canadian companies now use security AI and automation to combat breaches. This adoption has led to reduced breach costs.
Organizations with extensive use of AI and automation had breach lifecycles that were 54 days shorter and saved an average of $2.84m compared to those not using these technologies.
Daina Proctor, IBM Canada Security Service Line Delivery leader, emphasized the need for companies to integrate AI and automation into their cybersecurity programs to reduce both the financial impact and business disruption of cyber breaches.
She noted that Canadian organizations investing in AI and automation are better equipped to detect and recover from breaches, thereby reducing the significant costs associated with these events.
The report also identified key factors in reducing data breach costs, such as threat intelligence, employee training, and identity and access management (IAM).
Proper storage and management of data are crucial, as 33 percent of breaches involved data stored across multiple environments, and 31 percent involved data stored solely on the public cloud. Breaches involving the public cloud were the most expensive to remediate, averaging $6.74m.
Globally, the report found that stolen credentials were the most common initial attack vector, accounting for 16 percent of breaches and taking nearly 10 months to identify and contain.
Engaging law enforcement helped ransomware victims save nearly US $1m in breach costs on average, excluding ransom payments.
Critical infrastructure organizations, such as those in healthcare, financial services, industrial, technology, and energy sectors, incurred the highest breach costs. For the 14th consecutive year, healthcare experienced the costliest breaches globally, with average breach costs reaching US$9.77m.
Additionally, 63 percent of organizations worldwide indicated they would increase the cost of goods or services due to breaches, a slight increase from the previous year and marking the third consecutive year of such responses.