IBM Report: Malicious attacks led to most expensive data breaches over past year
By Staff Writer 4 August 2020 | Categories: newsIBM Security has revealed the results of a study examining the financial impact of data breaches, which showed that these incidents cost South African companies R40.2 million per breach on average amongst organisations studied.
Based on in-depth analysis of data breaches experienced by South African organisations, the study found that malicious attacks on customer, employee and corporate data were most prevalent – accounting for 48% of incidents – and proving to be the costliest cause of breaches to businesses.
As companies are increasingly accessing sensitive data via new remote work and cloud-based business operations, the report sheds light on the financial losses that organisations can suffer if this data is compromised. Sponsored by IBM Security and conducted by the Ponemon Institute, the 2020 Cost of a Data Breach Report is based on in-depth interviews with security professional in organisations that suffered a data breach over the past year.
Examining cost factors which contribute to the cost of the data breach in South Africa, the study found that:
- For companies studied in South Africa, the average time to identify a data breach increased to 177 days (from 175 days in 2019), and the average time to contain a data breach once identified decreased to 51 days (from 56 days in2019). The global average to identify a data breach was higher at 207 days with an average time of 73 days to contain the breach.
- In South Africa, the three root causes of data breaches identified as malicious or criminal attack (48%), human error (26%) and system glitches (26%)
- On average, malicious or criminal attacks took 191 days to identify and 62 days to contain. Human error breaches took 164 days to identify and 40 days to contain while system glitch breaches took 163 days to identify and 44 to contain.
- The amount of lost or stolen records also impacts the cost of a breach, costing R1,984 per lost or stolen record on average – a 9.35% decrease from 2019.
- Investments in smart tech resulted in lower breach costs as companies who had fully deployed security automation technologies (which leverage AI, analytics and automated orchestration to identify and respond to security events) experienced lower data breach costs compared to those who didn’t have these tools deployed.
“It is becoming increasingly important for IT leaders to put security measures in place which reduce the impact of a data breach. With this year’s study we’re seeing how costs were much higher for South African organisations that had not yet invested in areas such as security automation and incident response processes – and how complex security systems and cloud migration cost companies the most. With growing complexities facing companies, putting measures in place which significantly reduce the time it takes to investigate, isolate, contain and respond to the damage, will significantly reduce financial and brand impact,” said Sheldon Hand, IBM Security Leader for South Africa.
Employee Credentials and Misconfigured Clouds – Attackers’ Entry Point of Choice
In global findings, stolen or compromised credentials and cloud misconfigurations were the most common causes of a malicious breach for companies in the report, representing nearly 40% of malicious incidents. With over 8.5 billion records exposed in 2019, and attackers using previously exposed emails and passwords in one out of five breaches studied, businesses should rethink their security strategy via the adoption of a zero-trust approach – reexamining how they authenticate users and the extent of access users are granted.
Similarly, South African companies’ struggle with security complexity – a top breach cost factor which increases the cost implication by R3.3 million on average for South African companies studied in the report.
Advanced Security Technologies Prove Smart for Business
The report highlights the growing divide in breach costs between businesses in South Africa implementing advanced security technologies and those lagging behind, revealing a cost-saving difference of R2.5 million for SA companies with deployed security analytics versus those that have yet to deploy this type of technology.
Companies in the study with fully deployed security automation also reported significantly shorter response time to breaches, another key factor shown to reduce breach costs in the analysis. The report found that AI, machine learning, analytics and other forms of security automation enabled companies to respond to breaches faster than companies that have yet to deploy security automation. The study found that South African organisations which invested in AI platforms were also found to save R2 million on the average cost of a data breach.
Incident response (IR) preparedness also continues to heavily influence the financial aftermath of a breach. According to the report, South African companies with neither an IR team nor testing of IR plans experience higher average breach costs, whereas local companies that have both an IR team and use tabletop exercises or simulations to test IR plans experience R3.4 million less in breach costs – reaffirming that preparedness and readiness yield a significant ROI in cybersecurity.
Some additional findings from this year’s global report include:
· Remote Work Risk Will Have a Cost – With hybrid work models creating less controlled environments, the report found that 70% of companies studied that adopted telework amid the pandemic expect it will exacerbate data breach costs.
· Majority of Cyber Insured Businesses Use Claims for Third Party Fees: The report found that breaches at studied organisations with cyber insurance cost on average R2.2 million less than the global average of $3.86 million. In fact, of these organisations that used their cyber insurance, 51% applied it to cover third-party consulting fees and legal services, while 36% of organisations used it for victim restitution costs. Only 10% used claims to cover the cost of ransomware or extortion.
Nation State Attacks – The Most Damaging Breaches: Data breaches believed to originate from nation state attacks cost organisations on average $4.43 million. Despite representing just 13% of malicious breaches studied, state-sponsored threat actors were the most damaging type of adversary according to the 2020 report, suggesting that financially motivated attacks (53%) don’t necessarily translate into higher financial losses for businesses.
About the Study
The annual Cost of a Data Breach Report is based on in-depth analysis of real-world data breaches taking place between August 2019 and April 2020, taking into account hundreds of cost factors including legal, regulatory and technical activities to loss of brand equity, customers, and employee productivity.
To download a copy of the 2020 Cost of a Data Breach Report, you can visit: ibm.com/databreach
Most Read Articles
Have Your Say
What new tech or developments are you most anticipating this year?