Press Releases

IBM Report: Escalating Data Breach Disruption Pushes Cybersecurity Costs in Canada

AI Plays Crucial Role in Reducing Impact of Cyber Breaches for Canadian Organizations
Jul 30, 2024
  • Canadian organizations pay an average cost of CA$6.32 million per data breach.
  • Financial sector pays $9.28 million on average per breach, the technology sector is paying $7.84 million on average, and the industrial sector pays $7.81 million on average.
  • Organizations with extensive use of security AI and automation report costs of CA$2.84 million less and 54-day shorter breach lifecycles.

MARKHAM, ON, July 30, 2024 /PRNewswire/ -- IBM (NYSE: IBM) today released its annual Cost of a Data Breach Report, revealing that Canadian organizations are paying an average cost of CA$6.32 million per data breach in 2024, as breaches grow more disruptive and further expand demands on cyber teams. Financial services and technology companies experienced the costliest breaches, with average costs of CA$9.28 million and CA$7.84 million, respectively. Phishing attacks were the most common type of initial attack vector, representing 14% of incidents and costing an average of CA$6.38 million per breach.

The report highlights the importance of Artificial Intelligence (AI) in cybersecurity. The findings show that 61% of Canadian companies are now deploying security AI and automation to prevent and combat breaches, which has led to a reduction in breach costs. In fact, organizations with extensive use of AI and automation in their security operations had breach lifecycles that were 54 days shorter and cost CA$2.84 million less on average compared to companies not using these technologies.

"The findings of this report underscore the business imperative for companies to integrate AI and automation into their cybersecurity programs to reduce both the financial impact and business disruption of cyber breaches," said Daina Proctor, IBM Canada Security Service Line Delivery Leader. "Canadian organizations that invest in AI and automation will be better equipped to detect and recover from breaches, reducing the significant costs associated with these events."

According to the 2024 report, threat intelligence, employee training and identity and access management (IAM) were identified as key factors in helping to reduce data breach costs.

The report also drew attention to the importance of proper storage and management of data. 33% of breaches involved data stored across multiple environments and 31% involved data stored solely on the public cloud. Breaches solely involving the public cloud were also the most expensive to remediate, at CA$6.74 million on average.

Other global findings in the 2024 Cost of a Data Breach Report include:

Stolen credentials topped initial attack vectors – At 16%, stolen/compromised credentials was the most common initial attack vector. These breaches also took the longest to identity and contain at nearly 10 months.
  
Fewer ransoms paid when law enforcement is engaged – By bringing in law enforcement, ransomware victims saved on average nearly US$1 million in breach costs compared to those who didn't – that savings excludes the ransom payment for those that paid. Most ransomware victims (63%) who involved law enforcement were also able to avoid paying a ransom.
  
Critical infrastructure organizations see highest breach costs – Healthcare, financial services, industrial, technology and energy organizations incurred the highest breach costs across industries. For the 14th year in a row, healthcare participants saw the costliest breaches across industries with global average breach costs reaching US$9.77 million.
  
Breach costs passed to consumers – Sixty-three percent of organizations worldwide stated they would increase the cost of goods or services because of the breach this year – a slight increase from last year (57%) – this marks the third consecutive year that the majority of studied organizations stated they would take this action.

The 2024 Cost of a Data Breach Report is based on an in-depth analysis of real-world data breaches experienced by 604 organizations globally between March 2023 and February 2024. The research, conducted by Ponemon Institute, and sponsored and analyzed by IBM, has been published for 19 consecutive years and has studied the breaches of more than 6,000 organizations, becoming an industry benchmark. 

Additional Sources

  • Download a copy of the 2024 Cost of a Data Breach Report.
  • Sign up for the 2024 IBM Security Cost of a Data Breach webinar on Tuesday, August 13, 2024, at 11:00 a.m. ET. 
  • Read more about the report's top findings in this IBM Security Intelligence blog.
  • For more information about IBM Canada, visit www.ibm.com/ca-en 

Media Contact:
Lorraine Baldwin
IBM Canada Communications
lorraine@ca.ibm.com

Media Resources:  B-Roll

Release Categories