IBM: Data Breach Costs for Businesses Continue Their Upward Trajectory in the Middle East Reaching an Average of SAR 32.80 Million
-
Security staff shortage – When analyzing the costs for local organizations, the report found that the shortage of security skills contributes to the average increase in data breach costs by SAR 1.62 million. This highlights the pressing need for businesses to bridge the gap.
-
Lack of compliance and complexity – Another factor identified was non-compliance with regulations, which contributed to data breaches costing businesses an average of SAR 1.25 million more. The third factor was the complexity of security systems, which cost an average of SAR 975K.
-
Main initial attack vectors – At 19%, stolen or compromised credentials was the most common initial attack vector and represented an average cost of SAR 33.60 million per breach. Followed by attacks using zero-day vulnerability at 16% (SAR 32.31 million). In third place were phishing (SAR 34.75 million), business email compromise (SAR 32.15 million) and cloud misconfiguration (SAR 30.62 million), accounting for 10% of incidents each. Social engineering, in fourth place, had an average cost of SAR 36.05 million and was involved in 8% of breaches studied.
-
Data breach and storage – The 2024 report stated that breaches involving data stored across multiple environments had an average cost of SAR 34.23 million, while breaches in the public cloud cost an average of SAR 35.92 million, with each type accounting for 31% of the incidents. Followed by private cloud, which represented an average of SAR 30.66 million, and on-premise at SAR 27.36 million per breach, with both accounting for 19% each. This emphasizes the significant financial impact of breaches on organizations and underscores the need for enhanced security measures to protect sensitive information across multiple environments.
-
Impact of leveraging security AI and automation – Organizations in the Middle East that extensively deployed security AI and automation experienced lower data breach costs, with an average cost of SAR 26.54 million compared to those that did not, who incurred costs of SAR 38.85 million. In addition, these technologies also benefit the data breach lifecycle. Organizations that extensively used security AI and automation had an average time of 198 days to identify a breach and 57 days to contain it. In contrast, organizations that did not deploy these technologies had an average time of 294 days to identify a breach and 78 days to contain it.
Comments are closed.