SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
Story image

Average cost of a data breach in India touched INR 179 million

IBM Security has released its annual Cost of a Data Breach Report, showing the average cost of a data breach in India reached INR 179 million in 2023 – an all-time high for the report and almost a 28% increase since 2020. 

Detection and escalation costs jumped 45% over this same time frame, representing the highest portion of breach costs, and indicating a shift towards more complex breach investigations.

At nearly 22%, the most common attack type in India was phishing, followed by stolen or compromised credentials (16%). Social engineering was the costliest root cause of breaches at INR 191 million, followed by malicious insider threats, which amounted to approximately INR 188 million.

According to the 2023 IBM report, globally businesses are divided in how they plan to handle the increasing cost and frequency of data breaches. The report found that while 95% of organisations studied globally have experienced more than one breach, these breached organisations were more likely to pass incident costs onto consumers (57%) than to increase security investments (51%).

“With cyberattacks growing in pace and cost in India, businesses must invest in modern security strategies and solutions to stay resilient," says Viswanath Ramaswamy, Vice President, Technology, IBM India & South Asia.

"The report shows that security AI and automation had the biggest impact on keeping breach costs down and cutting time off the investigation - and yet a majority of organisations in India still haven’t deployed these technologies.

"It’s clear that there is still considerable opportunity for businesses to boost detection and response speeds and help stop the ongoing trend of growing breach costs."

Breaching data across environments

In India, 28% of data breaches studied resulted in the loss of data spanning multiple types of environments (i.e., public cloud, private cloud, on-prem) – indicating that attackers were able to compromise multiple environments while avoiding detection. When breached data was stored across multiple environments, it also had the highest associated breach costs (INR 188 million) and took the longest to identify and contain (327 days).

Need for AI and automation to pick up speed in India

AI and automation had the biggest impact on the speed of breach identification and containment for studied organisations. In India, companies with extensive use of AI and automation experienced a data breach lifecycle that was 153 days shorter compared to studied organisations that have not deployed these technologies (225 days versus 378 days). In fact, studied organisations that deployed security AI and automation extensively saw nearly INR 95 million lower data breach costs than organisations that didn’t deploy these technologies – the biggest cost saver identified in the report. In this context, it is important to note that 80% of studied organisations in India have limited (37%) or no use (43%) of AI and automation.

Follow us on:
© 2023 TechDay, All rights reserved. Hosted on Plan B's Cloud Services. DMARC protection by PowerDMARC.