IBM’s annual Cost of a Data Breach Report reveals the average cost of a cyberattack in Australia has surged to AUD$4.26 million, a 27% increase since 2020.
The annual Cost of a Data Breach Reportreveals that the technology sector experienced the costliest cyber breaches in Australia, with average breaches costing AUD $5.81 million, followed by the financial services industry at AUD $5.61 million on average.
Increasingly entities are using security AI and automation to combat growing cybersecurity threats with 65% of Australian organisations surveyed saying they are using these technologies across their security operation centres (SOC).
For companies not using security AI and automation the average cost of a data breach is AUD $ 1.74 million more costly (AUD $5.21 million) and takes 99 extra days to identify and contain, compared to those who are extensively using security AI and automation.
Some key findings in the 2024 IBM report for Australia include:
- Initial attack vectors – the most common initial attack vector was phishing (22%) which on average cost a business AUD $4.35 million per breach, followed by stolen or compromised credentials (17%) representing an average cost of AUD $4.32 per breach. The costliest breach was a malicious insider, which cost an organisation on average AUD $4.91 million per breach and accounted for 8% of incidents studied.
- Data Breach Lifecycle – Australian companies needed an average of 266 days to identify and contain cyber incidents, 8 days longer than the global average of 258 days.
- Data Visibility Gaps – 32% of breaches involved data stored across multiple environments including public cloud, private cloud, and on-prem. These breaches cost AUD $4.88 million on average and took the longest to identify and contain at 301 days.
- Detection and escalation costs –At AUD $1.65 million on average, the cost businesses are spending ondetecting cyber threats are still the most expensive part of a breach, followed by post-breach response and lost business costs.
IBM Australia Managing Director Nick Flood acknowledged the evolving threat landscape and highlighted the importance of strengthening Australia’s global collaborative approach to cybersecurity.
“IBM conducts R&D in cybersecurity right here in Australia at our Gold Coast Development Lab and is proud to be delivering global innovative cyber security solutions to Australian clients to enhance their security measures and response strategies,” Mr Flood said.
IBM Security APAC Chief Technology Officer Christopher Hockings said the cyber security industry is reaching a tipping point in the maturity curve for AI, where enterprise grade AI capabilities can be trusted to automatically act upon many types of threats.
“Breached organisations across Australia are seeing significant cost and time savings via their use of security AI and automation across their security operations,” Mr Hockings said.
“Australian businesses are increasingly understanding that the ability to detect and respond to cyber threats swiftly can make all the difference. With attacks growing more sophisticated, it’s imperative for organisations to adapt and prioritise speed in their cybersecurity efforts to avoid costly breaches.”
The 2024 Cost of a Data Breach Report is based on an in-depth analysis of real-world data breaches experienced by 604 organisations globally between March 2023 and February 2024.
The research, conducted by Ponemon Institute, and sponsored and analysed by IBM, has been published for 19 consecutive years and has studied the breaches of more than 6,000 organisations, becoming an industry benchmark.
Other global findings in the 2024 Cost of a Data Breach Report include:
- Understaffed Security Teams – Globally, more organisations faced severe staffing shortages compared to the prior year (26% increase) and observed an average of USD $1.76 million in higher breach costs than those with low levels or no security staffing issues.
- Fewer ransoms paid when law enforcement is engaged – By bringing in law enforcement, ransomware victims saved on average nearly USD $1 million in breach costs compared to those who didn’t – that savings excludes the ransom payment for those that paid. Most ransomware victims (63%) who involved law enforcement were also able to avoid paying a ransom.
- Breach costs passed to consumers – Sixty-three percent of organizations worldwide stated they would increase the cost of goods or services because of the breach this year – a slight increase from last year (57%) – this marks the third consecutive year that the majority of studied organizations stated they would take this action.
Keep up to date with our stories on LinkedIn, Twitter, Facebook and Instagram.
