Indian organisations' average cost of data breaches reached Rs 17.9 crore in 2023: a 28 per cent increase since 2020 and a record high, said a report on Tuesday.

       The detection and escalation cost for organisations has increased 45 per cent since 2020, said IBM’s 'Security Cost of a Data Breach' report, indicating a shift towards more complex breach investigations.

       At 22 per cent, phishing was the most common cyberattack in India. It was followed by stolen or compromised credentials (16 per cent). Social engineering was the costliest root cause of breaches at Rs 19.1 crore, followed by malicious insider threats, which amounted to approximately Rs 18.8 crore.

       “With cyberattacks growing in pace and cost in India, businesses must invest in modern security strategies and solutions to stay resilient. The report shows that security AI (artificial intelligence) and automation had the biggest impact on keeping breach costs down and cutting time off the investigation – and yet a majority of organizations in India still haven’t deployed these technologies,” said Viswanath Ramaswamy, vice president, technology, IBM India & South Asia.

       Globally, businesses are divided on how they plan to handle the increasing cost and frequency of data breaches. While 95 per cent of organisations studied globally have experienced more than one breach, they were more likely to pass incident costs onto consumers (57 per cent) than to increase security investments (51 per cent).

       In India, 28 per cent of breaches studied resulted in the loss of data stored in multiple types of environments (public and private cloud, for example. This indicates that attackers were able to compromise multiple environments while avoiding detection. When data stored in multiple environments was breached, it had the highest associated cost (Rs 18.8 crore) and took the longest to identify and contain (327 days).

       Also Read

       Data breach: Personal data of Covid vaccine recipients leaked on Telegram

       53-year-old Mumbai man sells flat for Rs 1.3 cr, loses all to cyber fraud

       Rising online frauds: Gurugram woman loses Rs 76 lakh in movie review scam

       Mumbai costliest city to live for expatriates in India: Mercer Report

       State govt web domains 'extremely vulnerable' to cyberattacks: Report

       Airtel Business first enterprise to link over 20 million IoT devices

       Byju's 'regularly disregarded' former director's advice, says Prosus

       Low-cost carrier Spicejet taken off DGCA's enhanced surveillance regime

       EESL signs Rs 110 cr agreements with APSHCL to provide energy solutions

       Land spinoff holds up $232 million BEML privatisation deal: Reports

       “It’s clear that there is still considerable opportunity for businesses to boost detection and response speeds and help stop the ongoing trend of growing breach costs,” said Ramaswamy.

       AI and automation speed up breach identification and containment. In India, companies that extensively use AI and automation experienced a data breach lifecycle that was 153 days shorter compared to studied organizations that have not deployed these technologies (225 days versus 378 days).

       Organisations that have deployed security AI and automation extensively saw nearly Rs 9.5 crore lower data breach costs than those that have not: the biggest cost-saver identified in the report. As many as 80 per cent of studied organisations the report studied in India have limited (37 per cent) or no use (43 per cent) of AI and automation.