The IBM Cost of a Data Breach report revealed that the average cost of data breaches in the UK increased by 5% from last year’s findings.
The report highlighted that the cost of a data breach on average amounted to £3.58m from March 2023 to February 2024, with financial services being impacted the most, along with professional services and technology sectors.
These three aforementioned industries each averaged a cost of £5.4m per data breach over the past year. The report outlined there to be a growing disruption and collateral damage caused by cyber attacks in varying degrees.
IBM attributed the rise in data breach costs largely due to lost business and post-breach responses, with recoveries taking over 100 days for the 12% of those affected to manage it. Additional cost drivers include regulatory fines, impacts on operational technology, and supply chain issues.
The report also revealed that stolen credentials were the leading cause of breaches, costing £4.27m on average, followed by phishing and business email compromise. Breaches caused by malicious insiders were the most expensive, averaging £4.36m.
The Zscaler ThreatLabz unit reported a record $75m ransom payment to the Dark Angels ransomware group, warning that such high payments will likely inspire similar attacks, increasing overall costs.
Martin Borrett, Technical Director of IBM Security, UK and Ireland, commented on the findings: “In a landscape marked by increasing cyber threats, this year’s report highlights critical vulnerabilities and strategic opportunities.
In assessing what more can be done to mitigate potential data breaches and other cyber crimes in the future, Borrett highlighted the need for enhanced artificial intelligence (AI) measures to come into effect to automate the prevention action quicker.
He explained: “Security AI and automation are effective in supporting team efforts to identify and accelerate incident response, helping UK companies reduce both breach expenses and business impact.
“Robust, AI-driven security measures are essential, and addressing regulatory non-compliance and IoT vulnerabilities remains crucial.”
Whilst AI adoption across financial security teams is becoming more apparent as the technology becomes highly more sophisticated, in the same respect, it is also being used by cyber criminals as well.
With AI fraud expected to surge to new heights over the coming years, there is widespread belief across the financial industry that talent hiring and advanced AI models are needed in order to combat these attacks, such as data breaches.