Cost of data breaches in India hits all-time high in FY24: IBM
IBM has released its annual Cost of a Data Breach report, which revealed that the average cost of a data breach in India has reached an all-time high of Rs. 19.5 crore ($2.35 million) during the financial year 2024. The numbers have jumped by 39% since 2020 and 9% from the previous year as data breaches become increasingly common.
Collateral damage from these costs including operational downtime, local customers and reputational damage has increased by 45% with notification costs jumping up by 19% from the previous year.
“Considering that India is getting ready for the rollout of the DPDP Act 2023, businesses also need to assess the regulatory implications of such attacks and ensure end-to-end compliance. Therefore, prioritizing data security and safeguarding critical assets to help ensure that only the right people have access to organizational resources is essential,” said Viswanath Ramaswamy, Vice President, Technology, IBM India & South Asia.
The most common initial attack types in India were phishing and stolen or compromised credentials, accounting for 18% of incidents each followed by cloud misconfiguration (12%). Business email compromise was the costliest root cause at an average total cost of INR 215 million per breach, followed by social engineering (INR 213 million) and phishing (INR 209 million) as the next highest costs.
(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)
The Indian industrial sector faced the highest impact from data breaches, with average cost reaching INR 255 million, followed by the technology industry at INR 243 million and the pharmaceutical sector at INR 221 million.
According to the report, organizations which took less than 200 days to identify and contain a data breach incurred an average cost of INR 184 million. By contrast, organizations with a data breach lifecycle extending beyond 200 days incurred an average cost of INR 205 million.In India, AI helped local companies shorten the data breach lifecycle by 112 days and incurred an average INR 130 million less in breach costs, compared to organizations without security AI and automation deployments.