This article synthesizes key findings and important information regarding the current landscape of data breaches, their costs, causes, and potential mitigation strategies. The insights are drawn from the IBM Cost of a Data Breach Report 2024, the Identity Theft Resource Center's (ITRC) 2024 Data Breach Report, and excerpts from Verizon's 2025 Data Breach Investigations Report (DBIR). The aim is to provide a comprehensive overview of the trends and implications of data breaches in today's digital environment.

Key Themes

• Rising Cost of Data Breaches: The average cost of a data breach continues to increase globally, driven by factors such as business disruption and post-breach response activities.

• Prevalence of Cyberattacks: Cyberattacks remain the dominant cause of data breaches, with stolen credentials and ransomware being significant vectors.

• Impact of Human Factors: Errors and misuse of privileges by insiders contribute a notable percentage to data breaches.

• Growing Role of AI and Automation: Organizations are increasingly adopting AI and automation for security purposes, which can impact breach detection and containment times.

• Third-Party Involvement: Third parties are playing an increasing role in data breaches.

• Business Interruption: Data breaches frequently lead to significant business disruption.

• Cost Shifting to Consumers: A growing number of companies are passing on data breach costs to their customers through price increases.

• Importance of Data Inventory and Incident Response: Effective data management and robust cyber response training are crucial for reducing breach costs and impact.

• Industry and Regional Variations: The frequency and impact of data breaches vary significantly across different industries and geographical regions.

• The VERIS Framework: The VERIS framework is a critical tool for consistently collecting and analyzing security incident data, enabling comprehensive reporting like the Verizon DBIR.

Most Important Ideas and Facts

• Average Global Cost: The average cost of a data breach globally has risen by 10% to USD 4.88 million, the largest increase since the pandemic. (IBM Report)

• Primary Cost Drivers: Business interruption and post-breach response measures are the main contributors to the increase in data breach costs. (IBM Report)

• Cyberattacks Dominate: Cyberattacks account for the vast majority of data breaches, making up 2,525 out of 2,850 breaches and impacting over 1.2 billion victim notices in the ITRC data. (ITRC Report)

• Human Error and System Errors: System and human errors were responsible for 310 breaches or exposures and over 116 million victim notices in the ITRC data, highlighting the continued importance of these factors. (ITRC Report)

• Stolen Credentials as a Vector: The average cost of a data breach where attackers use compromised credentials was USD 4.81 million. These attacks also had a longer time to identify and contain. (IBM Report)

• Duration of Breaches Matters: Data breaches with longer lifecycles (detection and containment time) were more costly. (IBM Report)

• AI and Automation Adoption: The comprehensive use of AI and automation in security has increased to 31% of surveyed companies. (IBM Report)

• Price Increases Post-Breach: 63% of companies reported planning to increase prices for goods and services following a data breach, a 10.5% increase from the previous year. (IBM Report)

• Significant Business Impact: 70% of surveyed companies experienced significant or very significant business disruption due to a data breach. (IBM Report)

• Third-Party Involvement Doubled: Third-party involvement was found in 30% of all breaches analyzed in the Verizon DBIR, a significant increase from approximately 15% the previous year. (Verizon DBIR)

• Top Data Types Compromised: Personal data (58%) and Internal data (49%) are the most frequently compromised data types. Credentials (12%), Secrets (11%), and Sensitive Personal data (10%) are also frequently targeted. (Verizon DBIR)

• Manufacturing Sector Trends: The manufacturing sector saw a significant rise in Malware-related breaches (up to 66%), with Ransomware being a major pattern (47%). (Verizon DBIR)

• Public Sector Attacks: Both Federal and State/Local/Territorial/Tribal (SLTT) government entities are experiencing increasing targeted attacks, including prominent ransomware cases. (Verizon DBIR)

• Growth in DDoS Attacks: Distributed Denial of Service (DDoS) attacks have shown significant growth since 2018, with over 200% growth in the median size and about 1,000% increase in the upper bounds of the BPS of these attacks. (Verizon DBIR)

• Internal Privilege Misuse: In incidents of privilege misuse, which often involve insiders, 99% were attributed to employees using their access to steal data or perform other related actions. (Verizon DBIR)

Recommendations for Reducing Costs (from IBM Report)

1. Maintain a Data Inventory: Keep track of data across multiple environments (on-premises, private, and public clouds) to understand what data might be stolen and its sensitivity.

2. Improve Cyber Response Training: Engage in cyber-range crisis simulations and develop and test response plans with security teams, management, and other business functions.

3. Offer Security Training to Non-Security Personnel: Provide security training to professionals working with data and AI, such as data scientists and data engineers.

Insights from the VERIS Framework (Verizon DBIR)

• The VERIS framework categorizes security incidents by Threat actor (who is behind the event) and Threat action (what tactics were used).

• The framework also documents the VERIS Attributes, which describe the effects of an incident on the environment, including Confidentiality, Integrity, and Availability.

Conclusion

Despite the technological advances and changes, these reports reflect the threat vectors and sources of compromise have essentially remain consistent year on year.