Close to one-third of cyber security leaders at private firms have reported that most of their serious data breaches within the past three years have cost them at least $1 million, a new PwC report says.
About 8 per cent of organisations have reported that these data breaches have cost them over $20 million, the report said, while more than four of ten security leaders and chief financial officers (CFOs) have witnessed a data breach costing them over $500,000 since 2021.
High costs associated with security threats come as companies continue to grapple with challenges in the cybersecurity domain.
Firms have reported that they are expanding their cybersecurity budgets, which are anticipated to increase by 15 per cent or more over the coming year. Ninety-three per cent of respondents polled in the PwC survey anticipate an increase in their cybersecurity budgets next year. Close to one-fifth of them are planning to raise their budgets by 15 per cent or more, which is an increase of a marginal 1 per cent from last year.
Forty-two per cent of business leaders in the country are prioritising data protection and remediation following incidents of recent cyber breaches. This forms a major portion of their cyber investment strategy in the upcoming calendar year.
Also Read
For instance, in August, Star Health and Allied Insurance Company faced a significant data hack, as part of which customer data, including medical reports, was stolen and posted on the messaging application Telegram.
In July, homegrown crypto exchange firm WazirX faced a security breach, leading to the loss of over $230 million when one of its multisig wallets was compromised.
About three-fourths of company security leaders polled in the PwC survey reported that generative artificial intelligence (GenAI) has expanded their attack surface in the past year. Eighty seven per cent of organisations have boosted their GenAI investment in the past 12 months, making it the top pick in cyber investments, but face challenges such as lack of trust, inadequate controls, and the lack of standardised internal policies for the use of GenAI when it comes to integrating it into their cybersecurity strategies.
“Advances in emerging technologies such as artificial intelligence (AI) and the increased adoption of cloud services have significantly expanded the attack surface for enterprises. This trend underscores the necessity for a flexible, enterprise-wide resilience strategy,” said Manu Dwivedi, partner and leader (Cybersecurity and Risk Consulting GCC), PwC India.
The survey polled 4,042 business and technology executives across 77 countries, of which 155 respondents were from India.