IBM Cost of a Data Breach Report 2023
4.3 million euros in costs for a data leak
IBM Security has published its annual Cost of a Data Breach Report, which calculates the average cost of a data breach. Those costs are usually passed on to the consumer.
The average cost of a data breach, i.e. an incident that compromises the confidentiality, integrity or availability of data, fell slightly in 2023 for the German companies analyzed. This is according to the Cost of a Data Breach Report from IBM Security. According to the report, the average cost fell from 4.41 million euros in 2022 to 4.3 million euros in the current year. On average, the German companies analyzed took 182 days to detect and contain a data breach, 95 days less than the global average of 277 days.
More than 95% of the companies surveyed stated that they had been affected by more than one breach. According to the 2023 report, however, they are divided on how to respond to the rising cost and frequency of data breaches: affected companies are more likely to pass the costs on to consumers (57%) than to increase their security investments (51%).
The results of the report
The 2023 Cost of a Data Breach Report is based on an analysis of real data breaches suffered by 553 companies worldwide between March 2022 and March 2023. The study, commissioned and analyzed by IBM Security, was conducted by the Ponemon Institute and has been published for 18 years. Key findings of the IBM 2023 report include:
- Artificial intelligence and automation had the greatest impact on the speed with which the companies studied were able to detect and contain data leaks. German companies that rely heavily on both technologies recorded an 81-day shorter data leak lifecycle than companies that did not use these technologies (160 days versus 241 days).
- Ransomware victims in the study who engaged law enforcement saved an average of $470,000 (approx. €418,000) in costs per incident globally compared to those who did not engage law enforcement. Despite these potential savings, 37% of ransomware victims surveyed did not involve law enforcement in a ransomware attack.
- Only a third of the breaches investigated worldwide were discovered by the companies' own security teams, while 27% were disclosed by the attackers themselves. Breaches that were first revealed by the attacker cost almost 1 million US dollars (approx. 890,000 euros) more on a global average than those at organizations that detected the breach on their own.
AI and automation save time and costs
According to the 2023 report, the companies analyzed worldwide that make full use of AI and automation in security had a data breach lifecycle (time to detect and contain) that was on average 108 days shorter than that of companies not using these technologies. They also reported significantly lower costs per incident: companies with fully deployed security AI and automation reported breach costs that were on global average almost USD 1.8 million (approx. EUR 1.6 million) lower than those of companies without these technologies, the largest cost saving identified in the report.
The same trend was evident among German companies. Those that already make extensive use of AI and automation in cyber security reported average costs of "only" 3.51 million euros per breach, whereas companies that do not use such technologies faced average costs of 5.27 million euros per breach, a difference of 1.76 million euros. Despite this, 47% of the companies analyzed in Germany do not yet use any AI or automation solutions in cyber security. There is therefore considerable potential to shorten detection and remediation times substantially and to reduce the cost of data breaches.
Ransomware attacks - silence is silver, talk is gold
Some of the companies surveyed are still reluctant to involve law enforcement in the event of a ransomware attack because they believe it would only complicate the situation. This year the IBM report examined this question for the first time and found the opposite. For the companies analyzed that did not involve law enforcement, the global average breach lifecycle was 33 days longer than for those that did, and this silence came at a price: the ransomware victims surveyed who did not engage law enforcement paid on average 470,000 US dollars (approx. 418,000 euros) more per incident than those who did.
Despite ongoing efforts by law enforcement agencies to work with ransomware victims, 37% of the companies analyzed worldwide chose not to engage them. What is more, almost half (47%) of the ransomware victims analyzed reportedly paid the ransom. Companies clearly need to correct these misconceptions about ransomware: paying the ransom and leaving law enforcement out of the response only drive up the cost of the damage and delay the response.
Cybersecurity teams rarely discover breaches themselves
Some progress has been made in detecting and defending against threats. According to the IBM Threat Intelligence Index 2023, security teams were able to fend off a larger proportion of ransomware attacks last year. However, attackers are still finding ways to slip through the gaps in defenses. The report found that globally only one in three breaches investigated was discovered by the organization's own security teams or tools, while 27% of breaches were first disclosed by the attacker and 40% by a benign third party such as law enforcement.
For companies that discovered the breach themselves, the cost per incident was almost 1 million US dollars (approx. 890,000 euros) lower than for companies whose breach was disclosed by the attacker: 4.3 million US dollars (approx. 3.82 million euros) for internally detected breaches compared to 5.23 million US dollars (approx. 4.65 million euros) for attacker-disclosed breaches. Breaches disclosed by the attacker also took almost 80 days longer to identify and contain (320 vs. 241 days) than those discovered internally. The significant cost and time savings from early detection show that investment in detection capabilities pays off in the long term.