Digital Security | Authentication

The Surprising Answer Why Data Breach Costs Are Soaring in ASEAN

The numbers are in and aren't favorable for companies in the ASEAN region. With a staggering average of USD3.05 million as the price tag for data breaches in 2023, businesses in ASEAN nations are grappling with a 6% year-to-year rise. The figures, brought to light by the annual Cost of a Data Breach Report from IBM Security, show that detection and escalation costs have surged by 15%, hinting at increasingly complex investigations surrounding breaches.

The larger issue? Attackers have gotten smarter. Almost 38% of the studied data breaches resulted in data loss across multiple settings, such as public cloud, private cloud, and on-premises infrastructures. This showcases that adversaries have refined their tactics, penetrating various environments without setting off alarms. Unfortunately for businesses, breaches that impact multiple environments come with a heftier bill, averaging USD3.14 million.

Financial and energy sectors are bearing the brunt, the report reveals. Particularly in ASEAN, financial institutions deal with a whopping average of USD4.81 million per breach. In contrast, the energy sector faces average costs of USD3.60 million.

Interestingly, companies aren't solely reliant on their in-house teams to detect these breaches. A concerning statistic shows that the company's security teams or tools identified only one-third of the studied breaches. The rest often come with a delayed, costlier resolution, especially if disclosed by attackers or third-party entities.

However, there's a silver lining. AI is proving its worth in minimizing damage, says Chris Hockings, chief technology officer of IBM Security, Asia Pacific. In the face of these cyber challenges, ASEAN organizations utilizing AI and automation extensively have shortened their data breach lifecycle by 99 days and curtailed their data breach expenses by nearly USD1.25 million.

“In 2023, the industry is reaching a tipping point in the maturity curve for AI in security operations where enterprise-grade AI capabilities can be trusted and automatically acted upon via orchestrated response,” he said.

Yet, many organizations remain apprehensive about involving law enforcement when ransomware enters the equation. A surprising 37% of the ransomware victims studied chose not to seek help from law enforcement, even though those that did had significantly lower breach costs. As the report points out, this hesitation could be costly, leading to prolonged breach lifecycles and additional costs averaging USD470,000.

The broader implications are evident. As cyber threats evolve and become more complex, it's pivotal for organizations to fortify their defenses and embrace innovations that could stem the rising costs of data breaches.

Image credit: iStockphoto/Doucefleur