IBM Security’s annual “Cost of Data Breach Report” revealed the average cost of data breaches soared 15 percent to $4.45 million over the last three years for the 17 industries studied. Authors of the report said this was an all-time high and noted that detection and escalation costs “jumped 42 percent over this same time frame, representing the highest portion of breach costs, and indicating a shift toward more complex breach investigations.”

Of the 17 industry sectors studied, retail and consumer goods fared better than the global average. The consumer goods sector clocked an average cost of $3.8 million (10th highest on the list and 16 percent below the global average) while retail came in with an average of $2.96 million (16th on the list and 40 percent lower than the global average).

Of the industries studied, health care was hit the hardest. The sector has an average breach cost of $11 million, which is a 53 percent increase from 2020.

The data breach report, in its 18th year, is based on “in-depth analysis of real-world data breaches experienced by 553 organizations globally between March 2022 and March 2023,” IBM Security (a unit of IBM) said in a statement. The company said the research is sponsored and analyzed by IBM Security and was conducted by the Ponemon Institute.

IBM said that, according to this year’s report, businesses were somewhat split on how they plan to mitigate breaches. “The study found that while 95 percent of studied organizations have experienced more than one breach, breached organizations were more likely to pass incident costs onto consumers (57 percent) than to increase security investments (51 percent),” the report stated.

Looking at where the data breaches occur, the report found that close to 40 percent of breaches were across multiple environments such as the private and public cloud and on-premises, which IBM said showed that attackers “were able to compromise multiple environments while avoiding detection. Data breaches studied that impacted multiple environments also led to higher breach costs ($4.75 million on average).”

Other key findings of the research showed that AI and automation had a significant impact on the speed of data breach identification and containment. The research found that businesses “with extensive use of both AI and automation experienced a data breach life cycle that was 108 days shorter compared to studied organizations that have not deployed these technologies (214 days versus 322 days).”

Leveraging AI and automation technology also saved money. The report’s authors said the studied organizations “that deployed security AI and automation extensively saw, on average, nearly $1.8 million lower data breach costs than organizations that didn’t deploy these technologies — the biggest cost saver identified in the report.”

The research also showed that it pays to involve law enforcement when breached. “Ransomware victims in the study that involved law enforcement saved $470,000 in average costs of a breach compared to those that chose not to involve law enforcement. Despite these potential savings, 37 percent of ransomware victims studied did not involve law enforcement in a ransomware attack.”

Another important finding from the research is that internal security teams seldom discover data breaches themselves. The report found that “only one in three studied breaches were detected by the organization’s own security teams or tools, while 27 percent of such breaches were disclosed by an attacker, and 40 percent were disclosed by a neutral third party such as law enforcement.”

Chris McCurdy, general manager of Worldwide IBM Security Services, said, “Time is the new currency in cybersecurity both for the defenders and the attackers. As the report shows, early detection and fast response can significantly reduce the impact of a breach.”

The research shows the need for internal security teams to level up their vigilance. “Only one-third of studied breaches were detected by an organization’s own security team, compared to 27 percent that were disclosed by an attacker. Data breaches disclosed by the attacker cost nearly $1 million more on average compared to studied organizations that identified the breach themselves.”

McCurdy said an organization’s security team “must focus on where adversaries are the most successful and concentrate their efforts on stopping them before they achieve their goals,” and added that investing in threat detection and response approaches that accelerate defenders’ speed and efficiencies, such as AI and automation, is crucial.