Data Breach Disruptions pushes cost in India to all-time high of Rs195 Mn in 2024: IBM reports

New Delhi, Aug 2 (Agency) IBM, a leading provider of global hybrid cloud and AI, and consulting expertise has said that escalating Data Breach Disruption has pushed average cost of a data breach in India to an all-time high of Rs 195 Million in 2024. The most common initial attack types in India were phishing and stolen or compromised credentials, accounting for 18 per cent of incidents each. Followed by cloud misconfiguration (12 per cent). Business email compromise was the costliest root cause at an average total cost of Rs 215 million per breach, followed by social engineering (Rs 213 million) and phishing (Rs 209 million) as the next highest costs. According to the 2024 report, 34 per cent of data breaches studied in India involved data stored on public clouds and 29 per cent across multiple environments (including public cloud, private cloud and on-prem). Breached data stored on public clouds represented the highest costs (Rs 227 million), while incidents spanning multiple environments took the longest to identify and contain (327 days). The cost of lost business jumped nearly 45 per cent year-on-year, which contributed to the significant rise in overall breach costs. The local Industrial sector experienced the costliest breaches across industries, IBM said in it annual Cost of a Data Breach Report release on Wednesday.

Breach cost jumped 39 per cent since 2020 and 9 per cent from the prior year, as breaches grow more disruptive and further expand demands on cyber teams. Globally, 70 per cent of breached organizations reported that the breach caused significant or very significant disruption. Lost business and notification costs drove the year-over-year cost spike in India, as the collateral damage from data breaches has only intensified. The cost of lost business — operational downtime, lost customers, and reputation damage, among others— escalated nearly 45 per cent, and notification costs jumped 19 per cent from the previous year, IBM said in a release. The slight rise in detection and escalation costs (almost 7 per cent over the same time frame), reflects the complexity of breach investigations, and once again represents the highest portion of breach costs in India. “The findings from this year’s IBM Cost of a Data Breach Report reinforce the importance of a proactive and integrated AI-powered approach to cybersecurity. As cyber-attacks gain pace and complexity, their impact on organizations becomes multi-dimensional, affecting reputational, financial and operational aspects. Considering that India is getting ready for the rollout of the DPDP Act 2023, businesses also need to assess the regulatory implications of such attacks and ensure end-to-end compliance.

Therefore, prioritizing data security and safeguarding critical assets to help ensure that only the right people have access to organizational resources is essential,” said Viswanath Ramaswamy, Vice President, Technology, IBM India & South Asia. The Indian industrial sector faced the highest impact from data breaches, with average costs reaching Rs 255 million, followed by the technology industry at Rs 243 million and the pharmaceutical sector at Rs 221 million. Globally, critical infrastructure sectors – such as healthcare, financial services, industrial, technology, and energy organizations – incurred the highest breach costs across industries. The 2024 Cost of a Data Breach Report is based on an in-depth analysis of real-world data breaches experienced by 604 organizations globally between March 2023 and February 2024. The research, conducted by Ponemon Institute, and sponsored and analyzed by IBM, has been published for 19 consecutive years and has studied the breaches of more than 6,000 organizations, becoming an industry benchmark.