Data breaches which compromise employee accounts have been found to be the most expensive, according to a new report from IBM Security, which also discovered that breaches in general cost companies an average of US$3.86 million per incident.
The figures are part of a study released today based on analysis of over 500 worldwide organisations which have all at some time experienced some sort of data breach.
80% of surveyed organisations reported having exposed customers' personally identifiable information (PII) as a result of a breach, and out of all types of data exposed in these breaches, customer PII was also the costliest to businesses.Security automation a key player
One of the key findings of the report was the effectiveness of security automation.
Companies that leverage AI, analytics and automated orchestration to respond to security events experience less than half the data breach costs compared to those who didn't have these tools deployed – $2.45 million vs. $6.03 million on average.
Security response times were also reported to be ‘significantly shorter' for companies with fully deployed security automation – these companies are as much as 27% faster than their counterparts at responding to breaches.
“When it comes to businesses' ability to mitigate the impact of a data breach, we're beginning to see a clear advantage held by companies that have invested in automated technologies,” says IBM X-Force Threat Intelligence vice president Wendi Whitmore.
“At a time when businesses are expanding their digital footprint at an accelerated pace and security industry's talent shortage persists, teams can be overwhelmed securing more devices, systems and data.
“Security automation can help resolve this burden, not only enabling a faster breach response but a significantly more cost-efficient one as well.Credentials and misconfigured clouds - the entry point of choice
At 40% of all incidents, the most common cause of a malicious breach for the surveyed companies was stolen or compromised credentials and cloud misconfigurations.
Attackers use cloud misconfigurations to breach networks almost 20% of the time, which can result in increased costs by more than $500,000 when comparing to last year's report.
Additionally, the report found that attackers used previously exposed emails and passwords in 20% of all analysed breaches – prompting IBM to urge companies to re-examine their authentication protocols and consider a zero-trust approach.State-sponsored attacks hit hardest
While they represent around a tiny 13% of all malicious breaches, state-sponsored attacks were the most damaging, according to the report.
These types of attacks tend to target high-value data and thus result in a more extensive compromise of victim environments, with costs of breaches averaging around $4.43 million.
The energy sector, commonly targeted by nation-states, saw a 14% increase in breach costs when compared to the prior-year period, with an average breach cost of $6.39 million.