Data breaches cost UK businesses millions every time
New research shows the average cost of data breaches for UK businesses continues to rise, with customers potentially bearing the heaviest burden.
A report from IBM found that the cost of a data breach has risen by 5% between now and 2024, bringing the average cost of a data breach to £3.58m per incident.
For attacks in the financial sector, this figure rises to a staggering £6.05 million, followed by over £5.51 million in professional services and £5.4 million in the technology sector.
Long recovery periods
Stolen credentials and phishing attacks were the top tactics used as initial attack vectors in data breaches, resulting in an average cost of £$0.27 million and £3.59 million respectively.
As collateral damage increases, more than 60% of organizations globally say they will increase the cost of goods and services this year as a result of breaches and associated costs.
Globally, only 12% of organizations that suffered a data breach reported that they were able to fully recover from a data breach. Most organizations took more than 100 days. Internal detection typically saves a company up to $1 million and reduces the process by 61 days compared to incidents reported by an attacker.
Severe IT staff shortages worldwide have led to higher breach costs, forcing companies to increase security budgets and invest in staff training. Business disruption and third-party and customer responses following a breach also drive up costs.
Businesses can try to limit the damage, with most ransomware victims who engage law enforcement avoiding paying the ransom (63%). Victims who used security AI and automation to detect and contain incidents were on average 106 days faster than those without.
However, the adoption of next-generation AI technologies is expected to introduce new risks for security teams. 47% of business leaders surveyed were concerned about new attacks on AI, while 51% were worried about new security breaches and unpredictable risks that could come with them.
“In a landscape characterised by increasing cyber threats, this year’s report highlights critical vulnerabilities and strategic opportunities,” said Martin Borrett, technical director, IBM Security UKI.
“Globally, organisations with severe security staff shortages have been hit by a substantial increase in breach costs. Security AI and automation are effective in supporting team efforts to identify and accelerate incident response, enabling UK businesses to reduce both the cost of breaches and the impact on the business. Robust, AI-driven security measures are essential, and addressing regulatory non-compliance and IoT vulnerabilities remains critical.”