Breaches of organizations that employ automation and AI in their security systems on average cost over $3 million less compared to businesses that have no such deployment. This takeaway comes from the latest annual Cost of a Data Breach report sponsored, analyzed and published by IBM Security™ using research conducted by the Ponemon Institute.

The benefits of automation keep growing

In 2021, the difference in cost between organizations with fully deployed automated security structures compared to those with no security automation in the report is a gap of USD 3.81 million.

The cost differences continue the trend indicated by previous Cost of a Data Breach reports of an increasingly wider gap between those with and without security automation shown in previous years. In 2020, organizations with a fully automated security structure paid USD 3.58 million less than those with no automation in place. The gap was USD 2.51 million in 2019.

At the same time, the share of businesses that have at least partially deployed security automation or AI increased six points from 2020 to 2021, from 59 percent to 65 percent. Respondents reporting fully deployed automation for the organizations in the same period went from 21 percent to 25 percent, while those respondents claiming partially deployed automation grew from 38 percent to 40 percent.

Automation and AI dramatically reduce the days needed to identify and contain a data breach. For organizations with fully deployed security AI or automation, it took an average of 184 days to identify the breach and 63 days to contain the breach, for a total lifecycle of 247 days. Organizations with no security AI or automation deployed took an average of 239 days to identify the breach and 85 days to contain, for a total lifecycle of 324 days.

To put this difference of 77 days into perspective, for fully deployed organizations, a breach occurring on 1 January would on average take until 4 September to identify and contain. In contrast, for organizations with no automation deployed, a breach on 1 January would take on average until 20 November to identify and contain.

The time it takes to identify and contain a breach has consistently been correlated with the overall cost of a breach. The longer threat actors are in an environment, the more opportunities they have to cause damage to systems and the broader the infection can become. Simply put, when it comes to breaches, time is money. Automation helps significantly reduce this time to find and repair any issues earlier and reduce costs associated with a data breach.

Automation and AI benefits extend beyond breaches

Automation and AI also act as force multipliers for an organization, increasing the effectiveness of the existing workforce while assuming responsibilities for mundane tasks. Beside saving costs, this gives security officers at a business more time and resources to focus on data breaches.

Additionally, some industries have extra regulatory requirements around their data, such as healthcare and finance. Automation and AI can parse different streams of data from different sources to maintain regulatory compliance. The healthcare and finance industries in particular have invested more resources in automation and AI for cybersecurity in recent years.

The process of incorporating security automation and AI can be challenging and complex to implement if there are no experts in the field within an organization. Fortunately, IBM Security offers external expertise to assist in fulfilling this need.

Take time to discover more

This blog is the third in a series covering security measures organization leaders can take to address data breaches, following zero trust and risk quantification. The next installment addresses a final element to consider, cloud security. For an overview of all these issues, read the report to learn more about what options exist to address a data breach.