The average cost of a data breach in the Asean region has surged to a record high of $3.23 million in 2024 or a 6% increase from 2023. This finding comes from the latest edition of IBM’s annual Cost of a Data Breach Report.
According to research conducted by the Ponemon Institute on behalf of IBM, the financial services sector remains the most heavily targeted industry, with an average breach cost of $5.57 million. This is followed by the industrial sector at $4.18 million, and the technology sector at $4.09 million.
The 2024 report focused on organizations in Singapore, Indonesia, the Philippines, Malaysia, Thailand, and Vietnam, which is based on an in-depth analysis of real-world data breaches experienced by 604 organizations globally between March 2023 and February 2024. This research, now in its 19th consecutive year, has become an industry benchmark, having studied breaches across more than 6,000 organizations to date.
A most noticeable trend is the growing adoption of artificial intelligence (AI) and automation within Security Operation Centers (SOCs). In 2024, 56% of the organizations surveyed had implemented these technologies, an 8% increase from the previous year. IBM noted that companies utilizing AI and automation can potentially reduce the lifecycle of a data breach by 99 days, saving an average of $1.42 million in breach costs compared to those without these deployments.
“While AI technologies offer defenders new tools for rapidly identifying and automating responses to threats, they also expand the attack surface and present new risks for security teams,” IBM highlighted in the report.
Organizations reporting skills or staff shortages experienced 26% higher costs, with an average increase of $1.76 million, compared to those with adequate security staffing. Recognizing this challenge, 63% of respondents indicated plans to increase their staffing budget, up from 51% before the survey. The majority of these investments are expected to go toward training and upskilling.
Significant disruption
As anticipated, 70% of organizations that experienced a breach reported significant or very significant disruption. The lingering effects of data breaches are not only driving up costs but also prolonging recovery times, with more than 100 days needed for most of the 12% of organizations that managed to fully recover.
“Disruption is the new cost of insecurity, and security is becoming the new cost of doing business,” said Catherine Lian, GM of IBM Asean. “The 2024 report reveals the extent and cost of business disruption caused by data breaches, which can even lead to complete business shutdowns. As the collateral damage from breaches intensifies, lost business and post-breach customer response costs have driven this year’s increase.”
Lian emphasized that the stakes are higher than ever in the AI era. While generative AI can help mitigate the skills shortage, it is also being exploited to launch attacks at scale.
“Security can no longer be an afterthought,” she added. “Asean companies must invest in AI-driven defenses to stay ahead and harness the potential of these technologies, ensuring business continuity and protecting their customers.”