Average cost of a data breach in India reached an all-time high of ₹195 mn in 2024: IBM

The average cost of a data breach in India reached an all-time high of ₹195 million in 2024, IBM reported in its annual Cost of a Data Breach Report on Tuesday.

The most common initial attack types in India were phishing and stolen or compromised credentials, accounting for 18% of incidents each, followed by cloud misconfiguration (12%). Business email compromise was the costliest root cause at an average total cost of ₹215 million per breach, followed by social engineering (₹213 million) and phishing (₹209 million) as the next highest costs, IBM said in the report.

According to the report, breach costs jumped 39% since 2020 and 9% from the prior year, as breaches grow more disruptive and further expand demands on cyber teams.

Lost business and notification costs drove the year-over-year cost spike in India, as the collateral damage from data breaches has only intensified. The cost of lost business — operational downtime, lost customers, and reputation damage, among others — escalated nearly 45%, and notification costs jumped 19% from the previous year. The slight rise in detection and escalation costs (almost 7% over the same time frame), reflects the complexity of breach investigations, and once again represents the highest portion of breach costs in India.

“’The findings reinforce the importance of a proactive and integrated AI-powered approach to cybersecurity. As cyberattacks gain pace and complexity, their impact on organisations becomes multi-dimensional, affecting reputational, financial and operational aspects,” said Viswanath Ramaswamy, Vice President, Technology, IBM India & South Asia.

According to the 2024 report, 34% of data breaches studied in India involved data stored on public clouds and 29% across multiple environments (including public cloud, private cloud and on-premise).

Disclaimer: The copyright of this article belongs to the original author. Reposting this article is solely for the purpose of information dissemination and does not constitute any investment advice. If there is any infringement, please contact us immediately. We will make corrections or deletions as necessary. Thank you.
You might also like