Average cost of a data breach in India reached an all-time high of ₹195 mn in 2024: IBM
The average cost of a data breach in India reached an all-time high of ₹195 million in 2024, IBM reported in its annual Cost of a Data Breach Report on Tuesday.
The most common initial attack types in India were phishing and stolen or compromised credentials, accounting for 18% of incidents each, followed by cloud misconfiguration (12%). Business email compromise was the costliest root cause at an average total cost of ₹215 million per breach, followed by social engineering (₹213 million) and phishing (₹209 million) as the next highest costs, IBM said in the report.
According to the report, breach costs jumped 39% since 2020 and 9% from the prior year, as breaches grow more disruptive and further expand demands on cyber teams.
Lost business and notification costs drove the year-over-year cost spike in India, as the collateral damage from data breaches has only intensified. The cost of lost business — operational downtime, lost customers, and reputation damage, among others — escalated nearly 45%, and notification costs jumped 19% from the previous year. The slight rise in detection and escalation costs (almost 7% over the same time frame), reflects the complexity of breach investigations, and once again represents the highest portion of breach costs in India.
“’The findings reinforce the importance of a proactive and integrated AI-powered approach to cybersecurity. As cyberattacks gain pace and complexity, their impact on organisations becomes multi-dimensional, affecting reputational, financial and operational aspects,” said Viswanath Ramaswamy, Vice President, Technology, IBM India & South Asia.
According to the 2024 report, 34% of data breaches studied in India involved data stored on public clouds and 29% across multiple environments (including public cloud, private cloud and on-premise).