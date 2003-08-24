Arthur T Knackerbracket has processed the following story:
The company’s latest Cost of a Data Breach report found that severe staffing shortages are linked to higher data breach costs, while AI is being used to significantly reduce the average cost of a breach.
[...] The company’s latest report found that the global average cost of a data breach from March 2023 to February 2024 was $4.88m, an increase of 10pc compared to the previous year. IBM attributed the cost spike to lost business as a result of a breach, along with post-breach customer and third-party response costs.
The latest Cost of a Data Breach report also shows that the impacts of data breaches are becoming more severe for businesses, as 70pc of breached organisations reported that a breach caused significant or very significant disruptions. The after-effects are also rising, as recovery takes more than 100 days for most of the breached organisations that were able to fully recover.
Nearly half of all breaches involved customer personal identifiable information, which can include tax identification numbers, emails, phone numbers and home addresses. Breaches involving stolen or compromised credentials took the longest to identify and contain of any attack vector, taking an average of 292 days.
Kevin Skapinetz, IBM Security VP of strategy and product design, said businesses are caught in a “continuous cycle of breaches, containment and fallout response”.
“This cycle now often includes investments in strengthening security defences and passing breach expenses on to consumers – making security the new cost of doing business,” Skapinetz said.
The IBM report suggests that severe staffing shortages are linked to higher data breach costs – more than half of the 604 organisations studied had severe or high-level staffing shortages last year.
Businesses with high levels of staffing issues had an average data breach cost of €5.28m, compared to €3.66m for businesses with lower levels. This trend may be reduced in the near future, as more organisations said they are planning to increase security budgets compared to last year.
IBM’s 2023 report suggested that AI and automation had the biggest impact on the speed of breach identification and containment, showing the role this technology was beginning to play in the cybersecurity sector.
[...] Many experts have spoken about the impact AI will have on the cybersecurity sector, for both defenders and attackers. BT threat intelligence specialist Catherine Williams described AI as a “double-edged sword” for the cybersecurity sector.
(Score: 1) by Runaway1956 on Saturday August 03, @04:41PM
If you can't staff your IT department, you don't have an IT department. MBAs believe that security is a set it and forget it thing. It isn't, never has been, and never will be. You can go all the way back to Sun Tzu to learn that lesson if you like. Sun Tzu would have a lot to say about outsourcing your security as well. Rome, for instance, used a lot of auxiliaries alongside their legions, but they sure as hell didn't leave security to any auxiliary.
Bean counters and penny pinchers should never decide anything related to security. Set standards for staff, find and hire the staff, then get the hell out of staff's way.
