Whereas the prices of cybersecurity assaults have elevated 10% over the prior yr – representing the most important annual bounce for the reason that pandemic – use of synthetic intelligence and automation in defensive cybersecurity workflows continued to chop breach prices, in accordance with IBM Safety’s 2024 Price of a Knowledge Breach Report, carried out independently by the Ponemon Institute.
The important thing advice: Make investments in synthetic intelligence-driven defenses to “deal with the rising dangers and alternatives introduced by generative AI,” Kevin Skapinetz, IBM Safety’s vp, technique and product design, mentioned in an announcement Tuesday.
AI can cut back breach severity
When used “extensively,” organizations skilled a mean of $2.2 million much less in breach prices, in contrast to those who didn’t use AI-driven defenses of their safety workflows. It’s the largest price financial savings within the annual research, the corporate mentioned.
In its nineteenth yr, IBM’s benchmark research analyzed real-world knowledge breaches skilled by 604 organizations globally between March 2023 and February 2024.
The usage of generative AI for enterprise operations has elevated quickly throughout industries, increasing assault surfaces and introducing new dangers for safety groups.
“These bills will quickly change into unsustainable,” Skapinetz mentioned in an announcement.
In healthcare, probably the most affected trade for the 14th yr working, knowledge automation and AI integrations leverage digital well being information and different techniques, like affected person portals. Many distributors now provide chatbot-based entry to machine studying algorithms that streamline operations and cut back the executive and different burdens plaguing the healthcare ecosystem.
Throughout industries, the researchers discovered that 67% of the organizations analyzed deployed safety AI and automation – almost 10% yr over yr – whereas 20% famous they used some type of safety instruments that depend on machine studying.
With the elevated use of AI instruments in safety – two out of three organizations studied this yr are deploying safety AI and automation throughout their safety operation facilities – they reduce breach prices by a mean of $2.2 million, the researchers discovered.
Regulation enforcement is one other key to price financial savings. Ransomware victims saved on common almost $1 million in breach prices by bringing them in.
Whereas 70% of breached organizations reported that breaches precipitated important disruptions, the worldwide common knowledge breach lifecycle hit a seven-year low of 258 days – down from 277 days in the 2023 report. By enhancing risk mitigation and remediation actions and utilizing safety AI and automation extensively to detect and comprise cyber incidents, safety groups put time again on their sides, the researchers mentioned in a assertion.
On common, 98 days quicker than organizations not utilizing these applied sciences, in accordance with the evaluation.
Extra money for tech workforces
Organizations are additionally dealing with extra extreme staffing shortages, which elevated total breach prices to $5.74 million on common for high-level shortages in comparison with $3.98 million for lower-level ones, in accordance with the report.
Since final yr’s research, there’s been a 26% enhance in shortages, leading to a mean of $1.76 million extra in breach restoration bills than these with minimal or no safety staffing points.
Because of this, extra organizations mentioned they’re planning to extend safety budgets in comparison with final yr – 63% in comparison with 51% – to handle technical useful resource and expertise gaps.
An uptick of worker coaching is a top-planned funding space, the researchers mentioned.
Breaches traced to knowledge visibility gaps
The breaches that took the longest to determine and comprise – at a mean of 283 days – concerned knowledge saved throughout a number of environments, together with public cloud, non-public cloud and on-premise.
All these breaches comprised 40% of these studied, with a mean restoration price of greater than $5 million.
Of notice, a 27% enhance in mental property theft drove prices, up almost 11% from the prior yr to $173 per document.
The researchers additionally mentioned that the addition of genAI to networks pushes knowledge nearer to the floor, and attributed the commonest preliminary assault vector throughout to stolen or compromised credentials (16%).
Knowledge alternate initiatives that break down silos goal streamlined operations and compliance with information-sharing necessities in varied industries, together with healthcare.
With extra exercise throughout environments, organizations should reassess safety and entry controls, the researchers mentioned.
Passing elevated prices on to customers
Whereas organizations mentioned they deliberate to take a position extra in incident response planning and testing, risk detection and response applied sciences and higher identification and entry administration, 63% of organizations acknowledged they’d enhance the patron price of products or companies due to the breach this yr.
“Companies are caught in a steady cycle of breaches, containment and fallout response,” Skapinetz mentioned in an announcement.
“This cycle now typically consists of investments in strengthening safety defenses and passing breach bills on to customers – making safety the brand new price of doing enterprise.”
Healthcare prices are on tempo to rise 8% over the subsequent yr, and multiple in 4 adults indicated they skipped or postponed getting the healthcare they wanted within the earlier 12 months due to the associated fee, in accordance with a current KFF briefing on healthcare price challenges within the U.S.
Elevated prices for any cause may in the end have an effect on healthcare entry.
Andrea Fox is senior editor of Healthcare IT Information.
E mail: [email protected]
Healthcare IT Information is a HIMSS Media publication.
The HIMSS Healthcare Cybersecurity Discussion board is scheduled to happen October 31-November 1 in Washington, D.C. Study extra and register.