South Africa has one of the highest costs of data breaches in the world, according to a study by IBM Security.
According to IBM Security’s annual “Cost of a Data Breach” report, the average data breach cost for South African organizations reached an all-time high of R49.45 million in 2023. This is an 8% increase over the last 3 years, and a 73% increase since South Africa was added to the report 8 years ago.
The report also states that the per record average cost of data breaches reached an all-time high at R2,750, a 20% increase from R2,300 in 2021. Detection and escalation costs reached R20.88 million—the highest portion of breach costs, which indicates a shift towards more complex breach investigations. Costs associated with lost business stood at R13.56 million, while post-breach responses cost R13.29 million and notifying relevant stakeholders cost R1.72 million.
The financial sector bore the brunt of data breaches, with the highest average cost of data breaches in the sector totalling R73.1 million. The industrial and services sectors were second and third, with R71.37 million and R58.78 million respectively.
“South Africa is the financial centre and economic gateway to the rest of the continent. This knowledge is not exclusive to the business community; cyber attackers are aware of it too as the financial sector is the most targeted,” said Ria Pinto, general manager and technology leader at IBM South Africa. “Organisations should look to modernise their perimeter security strategies to enhance protection of their financial data by using zero-trust security solutions, underpinned by AI and automation, to increase their cyber resiliency, manage the risks and comply with strict data privacy policies such as the Protection of Personal Information Act (POPIA).”
The majority of cyber threats were the results of stolen or compromised credentials and phishing scams constituting 14% each as the initial attack vectors. Attacks through compromised business emails were second at 12%, and attacks due to cloud misconfiguration were third at 11%. The study also found that globally, 95% of studied organisations, including South African organisations, have experienced more than one breach. However, breached organisations were more likely to pass incident costs onto consumers (57%) than to increase security investments (51%).
AI to the rescue
According to the report, AI and automation had the biggest impact on the speed of breach identification and containment for studied organizations. In South Africa, organisations with extensive use of both AI and automation experienced a data breach lifecycle that was 95 days shorter compared to studied organisations that did not deploy these technologies (190 days versus 285 days). Only 28% of studied organisations have extensively implemented security AI and automation.
Additionally, studied organisations that deployed security AI and automation extensively saw an average decrease of nearly R10.49 million in data breach costs than those that did not deploy these technologies. This was the biggest cost saver identified in the report. And with nearly 29% of studied organisations not yet deploying security AI and automation and 43% using them sparingly, organisations still have a considerable opportunity to boost detection and response speeds.
“Time is the new currency in cybersecurity, both for the defenders and the attackers. As the report shows, early detection and fast response can significantly reduce the impact of a breach,” said Chris McCurdy, the general manager of Worldwide IBM Security Services. “Security teams must focus on where adversaries are the most successful and concentrate their efforts on stopping them before they achieve their goals. Investments in threat detection and response approaches that accelerate defenders’ speed and efficiency – such as AI and automation – are crucial to shifting this balance.”
According to INTERPOL’s 2022 Africa Cyberthreat Assessment report [pdf], South Africa leads the continent in the number of identified cybersecurity threats, with 230 million total threat detections. Research by Accenture also illustrates the severity of the cybercrime landscape, with the country recording the third-highest number of cybercrime victims worldwide, at a cost of R2.2 billion a year.