Home
Reports
Data breach
Be prepared for breaches by understanding how they happen and learning about the factors that increase or reduce your costs. New research from IBM and Ponemon Institute provides insights from the experiences of 604 organizations and 3,556 cybersecurity and business leaders hit by a breach. Empower yourself with real-world examples and expert recommendations on how to mitigate the risks.
The global average cost of a data breach in 2024—a 10% increase over last year and the highest total ever.
Share of breaches that involved shadow data, showing the proliferation of data is making it harder to track and safeguard.
The average cost savings in million for organizations that used security AI and automation extensively in prevention versus those that didn’t.
Get the most up-to-date information on the financial impact of data breaches. Safeguard your data, people, infrastructure and your organization’s bottom line.
Cybersecurity expert Jeff Crume explains the key findings, lessons learned, and steps you can take right now to guard against data breaches and mitigate their costs.
Check out the recommendations based on the findings of the Cost of a Data Breach Report and learn how to better secure your organization.
40% of data breaches involved data stored across multiple environments. Breached data stored in public clouds incurred the highest average breach cost at USD 5.17 million.
Innovative technologies, such as IBM® Guardium® software, provide a solution that can help you strengthen your data security programs by uncovering shadow data and protecting sensitive information across hybrid clouds. IBM Verify provides deep, AI-infused context for both consumer and workforce identity access management (IAM).
You can also streamline this undertaking further with identity and security experts who can help you define and manage solutions across hybrid cloud environments, transform governance workflows and demonstrate compliance.
The adoption of generative AI (gen AI) models and third-party applications across the organization, as well as the ongoing use of Internet of Things (IoT) devices and SaaS applications, are expanding the attack surface, putting pressure on security teams.
Applying AI and automation that support security prevention strategies, including in the areas of attack surface management, red-teaming and posture management, can help. These solutions can be adopted through fully managed security services.
Organizations that applied AI and automation to security prevention saw the biggest impact in reducing the cost of a breach, saving an average of USD 2.22 million over those organizations that didn’t deploy these technologies.
While organizations are moving quickly ahead with gen AI, only 24% of gen AI initiatives are secured. The lack of security threatens to expose data and data models to breaches, potentially undermining the benefits gen AI projects are intended to deliver.
As gen AI adoption scales, organizations should look to IBM’s framework for securing gen AI data, models and use, along with establishing AI governance controls. IBM Guardium® Data Protection can extend data security to vector databases that power AI models. It can help protect sensitive AI training data and extend visibility into AI misuse or data leakage. Meanwhile, organizations can securely innovate, adapt and stay competitive with the help of IBM’s data and AI security services.
75% of the increase in average breach costs in this year’s study was due to the cost of lost business and post-breach response activities. The lesson: investing in post-breach response preparedness can help dramatically lower breach costs.
Organizations can build muscle memory for breach responses by taking part in IBM X-Force® Cyber Range crisis simulation exercises. These exercises can include security teams as well as business leaders, so the entire organization can improve its ability to detect, contain and respond to breaches. IBM X-Force® Incident Response Services can also give you access to a team of experienced threat hunters, responders and investigators who specialize in preparedness, detection, response and recovery.