Healthcare has seen the highest data breach costs for the 13th consecutive year, with breaches averaging $4.45 million globally, according to Ponemon Institute and IBM Security research. Healthcare sector breach costs surged by 53% since COVID-19’s onset, reaching nearly $11 million for health data breaches. The study emphasizes AI’s impact, shortening breach cycles by 108 days and reducing costs by $1.8 million. Meanwhile, cyber adversaries have sped up attack completion times. The report includes breach cost analyses and security advice. A previous study revealed 20% of cyber-hit hospitals reported increased patient mortality rates.
For the thirteenth consecutive year, healthcare has incurred the highest costs due to data breaches. According to recent research by the Ponemon Institute and IBM Security, the global average expense of a data breach has surged to $4.45 million. Additionally, the expenses associated with evading legal action following a ransomware attack have surged by $470,000.
This study delved into 553 organizations across various sectors, analyzing data breaches between March 2022 and March 2023. Notably, the healthcare sector witnessed a 53% increase in breach costs since the onset of the COVID-19 pandemic. The expenses related to breaches of health data have reached a staggering figure of nearly $11 million.
The significance of this research lies in the Cost of a Data Breach Report 2023, which thoroughly examines the underlying causes and the immediate and long-term repercussions of data breaches. The report also evaluates the strategies and technologies that organizations employ to either minimize losses or heighten recovery expenses.
Among the prevalent breach methods, phishing constituted 16%, closely followed by compromised credentials. Alongside the escalating financial impact of breaches, the healthcare domain grapples with cyberattacks that exploit medical records for extortion purposes.
An interesting revelation is that merely one-third of the surveyed organizations were able to detect breaches on their own, while 27% became aware of breaches through attacker disclosures. The latter group faced breach durations that were almost 80 days longer than those who identified breaches earlier.
Furthermore, the study highlighted the substantial influence of artificial intelligence and automation on breach detection and containment speed. Organizations employing AI experienced breach cycles that were 108 days shorter compared to those without these technologies – 214 days versus 322 days. These researchers also concluded that extensive deployment of AI and automation significantly reduced breach costs by nearly $1.8 million in comparison to entities that did not utilize these tools.
Additionally, the research revealed that 51% of affected organizations plan to augment their investments in security, focusing on incident response planning, employee training, and threat detection and response technologies.
Despite defenders successfully thwarting a higher proportion of ransomware attacks during the previous year, this study on breach expenses demonstrated that adversaries have decreased their average attack completion time.
The report encompasses comprehensive analyses, including breach costs categorized by geographical region and industry. It also features security recommendations from IBM Security experts.
In the broader context, a prior study by the Ponemon Institute examined the direct consequences of cyberattacks on patient safety within U.S. hospitals and health systems. Alarmingly, it indicated that 20% of institutions hit by the four most common types of cyberattacks experienced heightened patient mortality rates.
Larry Ponemon, the institute’s chairman and founder, highlighted the strain that these attacks impose on healthcare resources. He emphasized that these outcomes lead to substantial costs as well as a direct impact on patient welfare, jeopardizing their safety.
Chris McCurdy, the general manager of Worldwide IBM Security Services, emphasized the importance of time in cybersecurity for both defenders and attackers. He underscored the report’s findings that swift detection and response significantly mitigate the consequences of breaches.
