IBM Security has released its annual Cost of a Data Breach Report, showing the average data breach cost for South African organizations reached R49,45-million in 2023 – an all-time high for the report. This represents an 8% increase over the last three years and a 73% increase since South Africa was added to the report eight years ago.

The per record average cost of data breaches reached an all-time high at R2 750, a 20% increase from R2 300 in 2021.

Detection and escalation costs reached R20,88-million-the highest portion of breach costs and indicating a shift towards more complex breach investigations. This was followed by costs associated with lost business at R13,56-million, post-breach responses at R13,29-million and notifying relevant stakeholders at R1,72-million.

According to the 2023 IBM report, the financial sector experienced the highest average costs of data breaches, totalling R73,1-million. The industrial and services sectors were second and third, with R71,37-million and R58,78-million, respectively.

The majority of cyber threats were the results of stolen or compromised credentials and phishing scams constituting 14% each as the initial attack vectors. Attacks through compromised business emails were second at 12%, and attacks due to cloud misconfiguration were third at 11%.

Globally, the study also found that 95% of studied organisations, including South African organisations, have experienced more than one breach. However, breached organizations were more likely to pass incident costs onto consumers (57%) than to increase security investments (51%).

“South Africa is the financial center and economic gateway to the rest of the continent. This knowledge is not exclusive to the business community; cyber attackers are aware of it too as the financial sector is the most targeted,” says Ria Pinto, GM and technology leader at IBM South Africa.

“Organisations should look to modernize their perimeter security strategies to enhance protection of their financial data by using zero-trust security solutions, underpinned by AI and automation, to increase their cyber resiliency, manage the risks and comply with strict data privacy policies such as the Protection of Personal Information Act (POPIA).”

AI and automation had the biggest impact on speed of breach identification and containment for studied organisations. In South Africa, organisations with extensive use of both AI and automation experienced a data breach lifecycle that was 95 days shorter compared to studied organisations that did not deploy these technologies (190 days versus 285 days), and only 28% of studied organisations have extensively implemented security AI and automation.

In fact, studied organisations that deployed security AI and automation extensively saw, on average, nearly R10,49-million lower data breach costs than organisations that did not deploy these technologies – the biggest cost saver identified in the report. And with nearly 29% of studied organisations not yet deploying security AI and automation and 43% using them sparingly, organisations still have a considerable opportunity to boost detection and response speeds.

“Time is the new currency in cybersecurity, both for the defenders and the attackers. As the report shows, early detection and fast response can significantly reduce the impact of a breach,” says Chris McCurdy, GM: worldwide IBM Security Services. “Security teams must focus on where adversaries are the most successful and concentrate their efforts on stopping them before they achieve their goals. Investments in threat detection and response approaches that accelerate defenders’ speed and efficiency – such as AI and automation – are crucial to shifting this balance.”

The 2023 Cost of Data Breach Report is based on an in-depth analysis of real-world data breaches experienced by 553 organizations globally (including 21 in South Africa) between March 2022 and March 2023. The research, sponsored and analyzed by IBM Security, was conducted by Ponemon Institute and has been published for 18 consecutive years.

Additional key findings for South Africa in the 2023 IBM report include:

  • Breaching data across environments – Over 51% of data breaches studied resulted in data loss across multiple environments, including public cloud, private cloud, and on-prem—showing that attackers could compromise multiple environments while avoiding detection. Data breaches impacting multiple environments also led to higher costs (R51,49-million on average).
  • The incident response team advantage – Studied organizations across all industries with a high-level incident response (IR) team and a robust IR plan with regular testing saw the average cost of a data breach of R2,96-million and R2,92-million, respectively, lower than those studied with a low level/no use of an IR approach.