IBM's latest Cost of a Data Breach Report reveals a concerning trend in the ASEAN region, where the average cost of a data breach has surged to S$4.34 million in 2024, marking a 7% increase from the previous year. The financial services sector bears the brunt, facing the highest average breach costs at S$7.48 million, the industrial sector at S$5.62 million and technology at S$5.50 million.
The report highlights the significant advantages of employing security AI and automation. Organisations that utilised these technologies reported a shorter breach lifecycle, saving an average of 63 days in identification and 36 days in containment. Moreover, these firms incurred S$1.9 million less in breach costs compared to those without such deployments.
Catherine Lian, General Manager of IBM ASEAN, noted, “The stakes are higher than ever in the AI era. While generative AI can help address the skills shortage in today’s landscape where security teams are understaffed, it is also used to create and launch attacks at scale. ASEAN companies need to invest in AI-driven defences to stay ahead and harness the potential of these technologies, ensuring business continuity and protecting their customers.”
Key insights:
- Breach Lifecycle: The average time to identify and contain incidents was approximately 264 days.
- Data Visibility Gaps: 41% of breaches involved data across multiple environments, with these incidents averaging S$4.63 million in costs.
- Cost Amplifiers: Migration to the cloud, IoT/OT impacts, and complexity of security systems led to increased breach costs.
- Attack Vectors: Phishing emerged as the most common initial attack vector, costing S$4.56 million per breach, followed by business email compromise and stolen credentials.
Healthcare - still number one (in USD Millions)
The average breach cost for healthcare fell 10.6%, to USD 9.77 million. But that factor wasn’t enough to remove it from the top costliest industry for breaches—a spot it’s held since 2011. Healthcare remains a target for attackers since the industry often suffers from existing technologies and is highly vulnerable to disruption, which can put patient safety at stake.
Financial anatomy of a data breach (in USD Millions)
Lost business costs and post-breach response costs soared Costs from lost business and post-breach response rose nearly 11% over the previous year, which contributed to the significant rise in overall breach costs. Lost business costs include revenue loss due to system downtime the cost of lost customers and reputation damage. Post-breach costs can include the expense of setting up call centres and credit monitoring services for impacted customers and paying regulatory fines.