Leichte Sprache
Mitgliederbereich
Presse
Software

IBM: Costs of data leaks reach new record high

July 30, 2024. IBM today published its annual study on the costs of data breaches. The study “Cost of a Data Breach Report 2024” shows that the average cost of a data breach in Germany in 2024 has risen to 4.9 million euros per case. It also shows that the impact of data breaches on business operations is becoming ever greater and the demands on cybersecurity teams continue to increase. Compared to the previous year, the cost per data leak rose by 14%, the biggest annual jump since the pandemic.

Share this Post
Photo: IBM

Categories

Software

Tags

Data Security, Digitization, IT

Contact info

Silicon Saxony

Marketing, Kommunikation und Ă–ffentlichkeitsarbeit

Manfred-von-Ardenne-Ring 20 F

Telefon: +49 351 8925 886

Fax: +49 351 8925 889

redaktion@silicon-saxony.de

Contact person:

Julia Nitzschner

julia.nitzschner@silicon-saxony.de

Telefon: +49 351 8973 3865

Robert KrauĂźe

robert.krausse@silicon-saxony.de

Telefon: +49 351 8925 886

Worldwide, the average cost per data leak increased by ten percent in 2024 – this is less than the 14 percent increase observed in Germany. At the same time, however, the study came to the conclusion that German companies needed an average of 185 days to identify and contain these incidents. This is the shortest period of time compared to other countries and regions surveyed. German companies were 73 days below the global average, which was 258 days.

The Cost of a Data Breach Report is based on an in-depth analysis of real-life incidents affecting 604 companies worldwide between March 2023 and February 2024. The report is produced by the Ponemon Institute and sponsored and analyzed by IBM. It has been published globally for 19 years and in Germany for 16 years, and in that time has examined incidents at more than 6,000 companies and organizations, making it an industry benchmark.

Some other key findings from the report for Germany include:

  • AI-powered security solutions pay off – In Germany, 58 percent of companies surveyed use AI-based security and automation solutions, a jump of nine percent from the previous year. When these technologies were used on a large scale, German companies reduced the total duration of incidents by 89 days. In addition, they incurred an average of €2.73 million less in claims costs compared to companies that did not use AI-based security and automation solutions.
  • Critical infrastructures most affected – Companies from the industrial sector in Germany recorded the highest costs as a result of data leaks (9.34 million euros), followed by financial service providers (6.19 million euros) and technology companies (5.65 million euros).
  • Stolen credentials are the number one initial attack vector – The most common first gateway for attackers in 2024 was stolen or compromised credentials. They accounted for 20 percent of incidents in Germany and caused average total costs of 5.11 million euros per case. Phishing took second place with 17% of cases (5.52 million euros), followed by misconfigurations in the cloud with 15% (3.95 million euros). Malicious insiders caused the most damage at 5.75 million euros, but were only the starting point for the attack in 6% of the cases investigated.
  • Gaps in data transparency – Almost half (47%) of the incidents in Germany involved data that was stored in different environments, for example in the public cloud, the private cloud and in the company’s own data center. These incidents cost companies more than EUR 5.27 million on average. It also took the longest time to identify and contain these incidents (215 days in total).
    “German companies are once again facing a sharp increase in the cost of data leaks. However, the report also shows that a high maturity level of security systems and good preparation for cyber incidents significantly reduce the impact on business operations and the costs of data leaks,” said Christine Barbara MĂĽller, Partner & Head of Security Services DACH at IBM Germany. “In this challenging environment, both globally and in Europe, where AI-powered attacks are increasingly common, preparation is becoming more and more important. AI-based security and automation solutions provide IT teams with powerful tools to improve protection and further reduce detection, containment and recovery times. Companies should take advantage of this opportunity to stay one step ahead of cybercriminals.”
    The 2024 report provides data from Germany, France, Italy, the United Kingdom and the Benelux countries in Europe. Here is some additional information about these countries:
  • Average duration of data leaks: UK – 230 days; Italy – 218 days; France – 294 days; Benelux – 204 days.
  • Most common initial attack vector: UK – stolen or compromised credentials, 15 percent; Italy – phishing, 17 percent; France – stolen or compromised credentials at 14 percent and cloud misconfiguration also at 14 percent; Benelux – stolen or compromised credentials, 19 percent.
  • Use of AI-based security and automation solutions (percentage of organizations using them extensively or to a limited extent, according to the report): UK – 71 percent; Italy – 69 percent; France – 70 percent; Benelux – 66 percent. In Europe, the extensive use of AI-based systems reduced the costs and duration of data leaks. This underlines the value of these technologies for security management.
    Globally, the 2024 Cost of a Data Breach Report also revealed the following trends:
  • Unstaffed security teams – More organizations worldwide faced severe staff shortages compared to the previous year (up 26 percent). They also averaged $1.76 million higher costs per incident than those with little or no staffing issues.
  • Involving law enforcement reduces ransomware costs – By involving law enforcement, ransomware victims were able to save an average of nearly $1 million in costs per data breach worldwide, compared to affected organizations that did not. Only the general costs were included in these calculations, not any ransoms paid. Most ransomware victims (63 percent) who involved law enforcement were also able to avoid paying the ransom.
  • Costs of damage will be passed on to consumers – 63 percent of companies and organizations surveyed said they would increase the cost of their goods or services as a result of the incidents this year. This is a slight increase on last year (57 percent). It is also the third year in a row that the majority said they would do so.

About IBM

IBM is a leader in global hybrid cloud and AI and consulting. We help clients in more than 175 countries commercialize insights from their data, optimize business processes, reduce costs and stay ahead in their industry. More than 4,000 government agencies and organizations in critical infrastructure sectors such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift for fast, efficient and secure digital transformation. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and consulting provide open and flexible options for our clients. All of this is backed by IBM’s long-standing commitment to trust, transparency, accountability, inclusion and service.

– – – – – –

Further links

👉 www.ibm.com 

Photo: IBM

You may be interested in the following