Breach Notification , Cybercrime , Fraud Management & Cybercrime

IBM Survey: Cost of Data Breach in Japan, ASEAN Region on Par with Europe

Worldwide Average Breach Cost Down Slightly to $4.45M, US Still Leads at $9.48M
IBM Survey: Cost of Data Breach in Japan, ASEAN Region on Par with Europe
Downtown Tokyo, Japan (Image: Shutterstock)

The average cost of a data breach worldwide dropped slightly to $4.45 million in 2023, according to a new IBM survey. But breach victims in Japan, India and the ASEAN region faced data breach costs over the past year that rival losses suffered by organizations in Europe.

See Also: Corelight's Brian Dye on NDR's Role in Defeating Ransomware

IBM surveyed 533 breach victims globally, and its Cost of a Data Breach Report 2023 found that the average breach cost in Japan ($4.52 million) surpassed the cost in the United Kingdom ($4.21 million). The United States again led the world with an average cost per breach of $9.48 million.

Organizations based in ASEAN countries, from the Philippines and Indonesia to Australia, reported an average loss of $3.05 million – a 6% increase over 2022. The cost in Australia fell 8% over the last year to $2.7 million.

In India, the average cost of a data breach fell slightly to $2.18 million. But the cost has jumped 28% since 2020, and detection and escalation costs jumped 45% over this same time frame. Malicious insider threats cost organizations almost as much as social engineering attacks. Costs fell overall in the region, but IBM warned that the decline should not drive organizations into complacency.

"It’s clear that there is still considerable opportunity for businesses to boost detection and response speeds and help stop the ongoing trend of growing breach costs," said Viswanath Ramaswamy, vice president of technology for IBM India and South Asia.

Incident Response Capabilities Needed

Mature incident response and planning programs, security testing during the software development process and less security system complexity helped organizations reduce losses over the past year by identifying and containing breaches, the IBM report said.

Organizations with advanced DevSecOps processes, mature incident response and testing practices, and little or no security system complexity saved $1.5 million or more over the past year in breach detection and handling costs compared to those without these capabilities. Organizations that took more than 200 days to identify a breach also had to pay significantly more to remediate breach incidents.

Ramaswamy said AI and security automation capabilities measurably helped organizations reduce spending on breach detection and response - cutting the average breach lifecycle by 153 days and cutting losses over $1 million, on average.

IBM's report also showed that organizations that did not involve law enforcement agencies when responding to ransomware attacks paid $470,000 in additional cost and experienced a 33-day longer breach lifecycle. The report also highlighted the importance of advanced breach detection capabilities. In fact, 67% of organizations reported that they learned about a breach from a third party or the attackers themselves.


About the Author

Jayant Chakravarti

Jayant Chakravarti

Senior Editor, APAC

Chakravarti covers cybersecurity developments in the Asia-Pacific region. He has been writing about technology since 2014, including for Ziff Davis.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.