Cyberattacks drain R41m from SA businesses
The global average cost of a data breach has reached a record high of $4.88m, a 10% increase from the previous year.
This alarming rise is attributed to factors such as business disruption, customer turnover, and the increasing sophistication of cyberattacks.
For South African companies, the average cost is lower but still significant, standing at R41m ($2.78m).
This increase is driven by business disruption and post-breach response activities.
Nearly half of the breaches involved customer personal identifiable information (PII), which is particularly concerning given the sensitivity of this data.
South Africa has maintained a consistent average breach cost over the past two years, suggesting that organisations may not be adapting their security strategies quickly enough to keep pace with evolving threats.
Exponential rate of data breaches
"South African organisations are facing cyber threats and data breaches at an exponential rate, and this highlights the urgent need for robust cyber security measures,” said Ria Pinto, general manager and technology leader at IBM South Africa.
“As the complexity and frequency of these threats continue to grow, deploying AI-driven security solutions becomes crucial in safeguarding our national digital infrastructure.”
AI-driven security solutions can support the detection and mitigation of risks more efficiently. They are also critical in fortifying the defences of our organisations to help ensure business resiliency and empower organisations to navigate the evolving cyber landscape securely and confidently.
The report puts a spotlight on a global cybersecurity skills shortage, which is likely to be even more pronounced in South Africa.
This skills gap can significantly increase the time it takes to identify and contain a breach, leading to higher costs.
AI and automation
A solution to this skills gap issue is, naturally, throwing AI at the problem.
Extensive use of security AI and automation can significantly reduce the cost of a data breach.
Researchers recommend that South African businesses should prioritise investing in these technologies to enhance their security posture.
It's essential for local enterprises to recognise the significance of incident response (IR) planning and testing by creating and routinely exercising their IR strategies for an efficient reaction to security incidents.
Key statistics
Time to response: Breaches involving stolen or compromised credentials took the longest to identify and contain, averaging 292 days.
Phishing attacks and social engineering attacks also posed significant challenges, with containment times of 261 and 257 days, respectively.
Impact of shadow data: Shadow data, or data residing in unmanaged sources, was involved in 35% of breaches, correlating with a 16% higher cost of a breach.
Security AI: Organisations extensively deploying security AI and automation saw average savings of $2.2m per breach compared to those without AI integration.
AI and automation significantly reduce the time needed to identify and contain breaches, highlighting their importance in modern cyber security strategies.
Sector insights: The industrial sector experienced the highest cost increase per breach, with an average rise of $830,000.
Malicious insider attacks were the costliest, averaging $4.99m per breach.