AI means data breaches now cost much less - but they're still a huge threat to businesses

Laptop, phone and hologram of woman for data protection, safety software development or cybersecurity programming.
(Image credit: Getty Images)

  • AI is improving the mean time to identify and contain data breaches
  • IBM finds AI users could be saving £600,000 per breach vs. non-users
  • Only one-third of UK orgs have deployed AI in security

New IBM data suggests the cost of data breaches could actually be falling as AI becomes more integrated into cybersecurity practices, with companies employing these technologies typically incurring much lower costs than non-users.

The study estimated pro-AI firms incurred £3.11 million in costs compared with £3.78 million for non-users - but despite the potential £600,000+ in savings, fewer than one in three UK organizations have widely deployed AI and automation in security, meaning that many are still facing the consequences.

That said, while artificial intelligence has been seen improving detection, it's also assisting with code generation, meaning that more cybercriminals can access more sophisticated attacks.

AI is a double-edged sword in cybersecurity

With the widespread adoption of AI, companies are now seeing breaches happen when employees use non-approved AI tools – also known as shadow AI. Yet only 31% of the companies surveyed have AI governance policies to manage shadow AI.

Third-party vendor and supply chain compromises were cited as the top UK breach causes, accounting for 18 - with phishing (16%) and compromised credentials (11%) also widely seen.

Although humans remain a key entry point for attackers into an organization, trends have shifted over the past two decades. In 2005, lost or stolen devices accounted for nearly half (45%) of breaches, with 2015 seeing a spike in misconfigured clouds. Ransomware also picked up in 2020.

"The data speaks for itself as organisations implementing robust AI-driven security automation are significantly reducing breach costs," IBM UK&I Cybersecurity Services Leader Georgie Cohen explained.

With artificial intelligence, organizations are unlocking faster response times, with a mean time to identify (MTTI) of 148 days and a mean time to and contain (MTTC) of 42 days (compared with 168 days and 64 days for non-users).

You might also like

TOPICS

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.