BENGALURU: The average cost of data breach in India reached “Rs 179 million in 2023, an all-time high and almost a 28% increase since 2020,” according to IBM Security.
In its annual ‘Cost of a Data Breach Report’ released on Tuesday, IBM Security stated, “Detection and escalation costs jumped 45% over this timeframe, representing the highest portion of breach costs indicating a shift towards more complex breach investigations.” The breaches occurred between March 2022 and March 2023, the report stated. Data breach costs continue to grow, reaching a record-high global average of $4.45 million, representing a 15% increase over three years.
Of all the data breaches, phishing at nearly 22%, has emerged as the most common attack type in India, followed by stolen or compromised credentials (16%). “Social engineering was the costliest root cause of breaches, followed by malicious insider threats,” the report stated.
Social engineering, also called ‘human hacking’, is the tactic using psychological manipulation to trick users into making security mistakes or giving away sensitive information.
“With cyber attacks growing in pace and cost in India, businesses must invest in modern security strategies and solutions to stay resilient,” said vice-president, Technology, IBM India & South Asia, Viswanath Ramaswamy.
AI needs to pick up speed in India: Report
“The report shows that security Artificial Intelligence (AI) and automation had the biggest impact on keeping breach costs down and cutting time off the investigation - and yet a majority of organizations in India still haven’t deployed these technologies. It’s clear that there is still considerable opportunity for businesses to boost detection and response speeds and help stop the trend of growing breach costs,” Ramaswamy said.
The report stated that in India, “28% of data breaches studied resulted in the loss of data spanning multiple types of environments (that is, public cloud, private cloud, on-premises) - indicating that attackers were able to compromise multiple environments while avoiding detection. When breached data was stored across multiple environments, it also had the highest associated breach costs (Rs 188 million) and took the longest to identify and contain (327 days).”
The report underscored the need for AI and automation to pick up speed in India. “In India, studied organizations that deployed security AI and automation extensively saw nearly Rs 95 million lower data breach costs than organizations that didn’t deploy these technologies - the biggest cost saver identified in the report.”
The report stated that “80% of studied organizations in India have limited (37%) or no use (43%) of AI and automation.” The report analysed a collection of real-world data breaches at 553 organizations, hundreds of cost factors besides interviewing thousands of individuals. “The report found that while 95% of organizations studied globally have experienced more than one breach, these breached organizations were more likely to pass incident costs onto consumers (57%) than to increase security investments (51%).”