Who should pay the tab when a cybercriminal succeeds in breaching a company’s network? Many would say that the company should eat the loss, file a claim with its insurance carrier and double down on its efforts to stop the next attack.
New research from IBM, however, suggests that a growing number of businesses don’t see it that way.
According to IBM’s 2023 Cost of a Data Breach Report, businesses are divided on how to handle the increasing cost and frequency of breaches.
“Breached organizations were more likely to pass incident costs onto consumers (57%) than to increase security investments (51%),” IBM notes in a news release.
15%
The percentage increase in security breaches over the past three years
Source: IBM, Cost of a Data Breach Report, 2023
The average breach now costs $4.45 million, according to IBM, a 15 percent increase over the past three years. Those costs include any ransom paid to an attacker, plus injury to customer trust, stock price declines, intellectual property loss and more.
Only half of breached companies responded by increasing their cybersecurity efforts. Those that do not stand to pay more: Businesses that learn about breaches from attackers rather than by detecting them pay an additional $1 million in average costs, according to IBM.
LEARN MORE: Find out why network security is a first priority as organizations secure IoT environments.
“Investments in threat detection and response approaches that accelerate defenders’ speed and efficiency — such as AI and automation — are crucial to shifting this balance,” Chris McCurdy, IBM’s general manager of worldwide security services, says in the release.
Learn more about managed detection and response at biztechmag.com/detection.
