Data from 553 organizations studied showed that corporate attitudes towards involving the authorities and deploying AI cybersecurity solutions varied widely.

In-depth analysis of real-world data breaches experienced by 553 organizations globally between March 2022 and March 2023 has shown that, in ASEAN countries, the average cost of an incident reached US$3.05m early this year — a 6% increase YoY increase and also an all-time high in the 18-year history of such annual analyses by IBM Security.

In this case, the “ASEAN region” constitutes a cluster sample of firms located in Indonesia, the Philippines, Malaysia, Singapore, Thailand and Vietnam.

According to IBM Security, businesses are divided in how they plan to handle the increasing cost and frequency of data breaches. The data showed that 95% of organizations analyzed had experienced more than one breach; with 57% of breached organizations more likely to pass incident costs onto consumers than to increase security investments (51%).  

In the ASEAN region in focus, nearly 38% of data breaches had resulted in the loss of data across multiple environments such as public cloud, private cloud, and on-premises infrastructure. Attackers had been able to compromise multiple environments while avoiding detection. Those breaches that had impacted multiple environments had also led to higher breach costs (US$3.14m on average).

Other findings

Some of the organizations studied remained apprehensive to engage law enforcement during a ransomware attack due to the perception that such an act could only complicate the situation. However, upon closer investigation, evidence was found to indicate the contrary.

At a global level, participating organizations that did not involve law enforcement experienced breach life cycles that were 33-days longer on average than those that did involve law enforcement. Also, the former group paid on average US$470,000 higher breach costs.

Despite ongoing efforts by law enforcement to collaborate with ransomware victims, 37% of respondents still opted not to involve the authorities. Also, 47% of respondents that were ransomware victims reportedly paid the ransom. Other findings include:

    • AI and automation had the biggest impact on speed of breach identification and containment for studied organizations. For the ASEAN organizations with extensive use of both AI and automation experienced a data breach lifecycle that was 99 days shorter, with nearly US$1.25mlower data breach costs compared to those not deploying such technologies — the biggest cost saver identified in the analysis.
    • At a global level, one third of studied breaches were detected by an organization’s own security team, compared to 27% that were disclosed by an attacker. On average, data breaches disclosed by the attacker cost nearly US$1m more (US$5.23m vs US$4.3m) compared to organizations in the report that had identified the breach themselves. Globally, the data showed that one in three of breaches analyzed were detected by the organisation’s own security teams or tools, while 27% of such breaches were disclosed by an attacker, and 40% were disclosed by a neutral third party such as law enforcement. Breaches disclosed by an attacker also had a lifecycle nearly 80 days longer (320 vs 241) compared to those who identified the breach internally.
    • Financial services and energy firms saw the highest breach costs. Across the ASEAN respondents, those in the financial sector payed nearly US$4.81m on average per breach, while the energy sector paid US$3.6m on average.
    • At a global level, organizations across all industries with a high level of DevSecOps saw a global average cost of a data breach nearly US$1.7m lower than those with a low level/no use of such an approach.
    • Globally, organizations deemed as critical infrastructure in the analysis experienced a 4.5% jump in the average costs of a breach compared to last year — increasing from US$4.82m to US$5.04 million: US$590K higher than the global average.

Said Chris Hockings, Chief Technology Officer, IBM Security (Asia Pacific): “In 2023, the industry is reaching a tipping point in the maturity curve for AI in security operations where enterprise grade AI capabilities can be trusted and automatically acted upon via orchestrated response. This will unlock tangible benefits for speed and efficiency, which are desperately needed in today’s business landscape where early detection and fast response can significantly reduce the impact and losses of businesses.”