IBM has reported that the cost of an enterprise data breach has reached a post-pandemic peak, climbing to $4.88 million. This figure represents a 10% increase from the previous year and the largest jump since the pandemic began. The data, detailed in IBM's 2024 Cost of a Data Breach Report, was derived from interviews with 3,556 security and business experts across 604 global organizations between March 2023 and February 2024.


The report, the 19th annual edition conducted by the Ponemon Institute, cites several factors contributing to the rising costs, including the growing complexity of IT environments—spanning on-premises, private, and public cloud resources—and widespread staffing shortages in security teams.

Key drivers of the increased costs include losses from operational downtime, lost customers, and post-breach response efforts such as enhanced customer support and higher regulatory fines. Collectively, these factors accounted for $2.8 million, marking the highest combined cost for lost business and post-breach activities in six years.

The United States continues to lead in breach costs, with an average of $9.36 million, followed by the Middle East, Germany, Italy, and Benelux. Interestingly, while Canada and Japan saw reductions in average costs, Italy and the Middle East experienced significant increases.

IBM's John Zorabedian noted that breaches involving multi-environment setups were particularly costly, averaging over $5 million and taking an average of 283 days to identify and contain. This underscores the challenges of managing and securing data across diverse environments, including shadow data and unencrypted AI workloads.

Supporting IBM’s findings, a recent Cisco study indicated that 92% of organizations use multiple public cloud providers, with 34% using more than four. Cisco highlighted the need for better visibility and control across these varied cloud environments and expects that 60% of companies will implement integrated multicloud networking and security management platforms within the next two years.