Data breach, Italy burns 3.40 million. Cyber-tax risk is looming

It is a historical record of the costs incurred by companies for cyber attacks. Global average spending is $4.35 million. But consumers will increasingly pay the price, according to the group's report: 60% of organizations are increasing the prices of products and services. Automation and AI are the most attack-proof technologies 27 Jul 2022 L. O.

Historical peak 2022 of data breaches in the world. The cost of data breaches incurred by companies reaches an all-time high of $4.35 million. But according to the price it risks being recharged on consumers in the form of an invisible "cyber-tax". It emerges from IBM's annual report "Cost of data breach" according to which to cope with the costs of attacks 60% of companies have increased the prices of their products and services. Italy is also among the countries that record an increase in attacks: in our country the cost of every single stolen data is 143 dollars against a global average of 164.

Data breach, long-term effect The succession of cyber attacks is also shedding light on the "persecutory effect" of data breaches in companies. The report finds that 83% of the organizations analyzed have experienced more than one data breach in the course of their business. In addition, breaches continue to have increasingly long-term effects: about 50% of data breach costs are incurred more than a year after the breach. The weaknesses of cybersecurity About 80 percent of organizations operating in critical infrastructure do not adopt "zero trust" strategies, with the average costs of breaches increasing to $5.4 million – an increase of $1.17 million compared to companies adopting such strategies. 28% of data breaches against these organizations are ransomware or destructive attacks. In addition, according to the report, "Pay does not pay": ransomware victims who chose to pay the ransom demands of threat actors saved only $ 610,000 on average compared to organizations that chose not to pay, a saving from which the cost of the ransom must be deducted. Considering the high payment demands, the financial cost could still grow, suggesting that simply paying the ransom may not be an effective strategy. Still, among the critical points, the immaturity of security in the cloud: 43% of the organizations examined are in the early stages or have not yet begun to apply security practices in their cloud environments, suffering on average higher breach costs of about 660,000 dollars compared to organizations with more mature security. Automation and AI for security are the main savings factors: organizations that fully adopted automation and AI for security paid on average about $3.05 million less than organizations that did not adopt these technologies – the largest savings observed in the study. A fight "against time" "Companies need to focus their security defenses on attacks and beat attackers on time," said Charles Henderson, Global Head of IBM Security X-Force. It's time to prevent adversaries from achieving their goals and start minimizing the impact of attacks. The more companies try to refine their defense perimeter instead of investing in detection and response, the more breaches end up fueling the rising cost of living." Critical infrastructure in the crosshairs Over the past year, concern has increased around the world about critical infrastructure, which is increasingly targeted by cybercriminals. Many government cybersecurity agencies have been urging warnings against malicious attacks. In fact, the report reveals that ransomware and destructive attacks make up 28% of breaches against organizations in critical infrastructure sectors – financial, manufacturing, healthcare and transportation among others – highlighting how threat actors are trying to trigger a disruption of global supply chains, which rely on these organizations. Despite the call for caution, and a year after the Biden administration issued an executive order on cybersecurity, the report found that only 21 percent of these companies adopt a zero trust security model. In addition, 17% of breaches directed at critical infrastructure were caused by the initial compromise of a business partner, highlighting that security risks often stem from overconfidence in collaborative environments. The benefits of hybrid cloud The report also indicates that hybrid cloud environments are the most popular infrastructures (45%) among the organizations surveyed. Averaging $3.8 million, companies that adopted a hybrid cloud model faced lower breach costs than companies with an exclusively public or private cloud model, which averaged $5.02 million and $4.24 million, respectively. In fact, companies that adopted hybrid cloud were able to identify and contain data breaches in about 15 days less than the global average of 277 days. Healthcare, the costs of attacks rise For the first time, the costs of healthcare violations reach double digits. For the twelfth year in a row, healthcare businesses witnessed more costly breaches than other industries, claiming an average cost increase of nearly $1 million, which reached a record $10.1 million. In addition, the report shows that there are insufficient security personnel: 62% of the organizations surveyed said they did not have enough staff to meet their security needs, incurring an average of $550,000 in breach costs more than those that claim to have sufficient staff.