The latest IBM Cost of a Data Breach Report 2024 (login required) makes sobering reading. The conclusion is that the direct cost of data breaches is rising at considerably above inflation rates and now stands at 10% higher, at an average cost of $4.88M per breach. The balancing “good news” is that these breaches can be mitigated by $2.2M in breach costs by deploying AI and automation software extensively across prevention workflows—for example attack surface management (ASM), red-teaming and posture management — compared to those with no AI use in those workflows. But the AI systems are far from cheap and do not offset the need for security expertise within the organization; and skills and staffing shortages show a 26.2% increase from the prior year. IBM calculates this to be an average of $1.76 million more in breach costs. It seems CIO’s can’t catch a break. 

The first challenge is that not all data is managed by officially sanctioned IT systems. Shadow data refers to data that is created, stored, or shared through spreadsheets, local copies of databases, emails, and presentations. It can also be found on copies held on personal devices, and even in the cloud, or in tables in a database. This shadow data was implicated in 35% of all data breaches, and proliferation across different locations dramatically increases data risk. Yet it's not just shadow data that is costly, with insider supported breaches, where an employee goes rogue, pushing up costs to almost $5M per breach. When legitimate credentials are compromised, through rogue employees or successful external phishing campaigns they take a long time to identify and act on, with IBM quoting 292 days - that is almost 10 months! Imagine what data damage can be done in that time, with many breaches only discoverable when the cyber attacker themselves notifies the company through a ransomware attack or similar.

The fact is that cybersecurity should not be the sole domain of the IT team but is the responsibility of the entire organization, as it is with physical breaches such as when fire doors are propped open or intruders aren’t challenged in the workplace. Canary & Shield explored cyber intrusion in some depth in the second part of our series on business fraud called How it's Going: A brief History of Business Fraud and Scams.

How Canary & Shield can help

We live in an uncertain world where business and personal risks are a constant part of our lives. The nature and severity of threats is dynamic, so as a leader you need to regularly review their risk position for every aspect of operations: internal and external. Canary & Shield works with you and your team to ensure your business strategy has threat response built in. We can help you ‘look around corners’, challenge assumptions and develop leadership muscle memory that could help you avert or head off risks, providing you with confidence that supports your strategic goals and your recovery plan.