Category Page
Client News
IBM Report: Escalating Data Breach Disruption Pushes Costs to New Highs
Intellectual property theft spiked; More than one-third of breaches involved shadow data
Yet use of AI/Automation cut breach costs by €1.73 million
IBM (NYSE: IBM) released its annual Cost of a Data Breach Report revealing the global average cost of a data breach reached €4.49 million in 2024, as breaches grow more disruptive and further expand demands on cyber teams. Breach costs increased 10% from the prior year, the largest yearly jump since the pandemic, as 70% of breached organisations reported that the breach caused significant or very significant disruption.
Lost business and post-breach customer and third-party response costs drove the year-over-year cost spike, as the collateral damage from data breaches has only intensified. The disruptive effects data breaches are having on businesses are not only driving up costs, but are also extending the after-effect of a breach, with recovery taking more than 100 days for most of the small number (12%) of breached organisations that were able to fully recover.
The 2024 Cost of a Data Breach Report is based on an in-depth analysis of real-world data breaches experienced by 604 organisations globally between March 2023 and February 2024. The research, conducted by Ponemon Institute, and sponsored and analysed by IBM, has been published for 19 consecutive years and has studied the breaches of more than 6,000 organisations, becoming an industry benchmark.
Some key findings in the 2024 IBM report include:
- Understaffed Security Teams – More organisations faced severe staffing shortages compared to the prior year (26% increase) and observed an average of €1.62 million in higher breach costs than those with low level or no security staffing issues.
- AI-Powered Prevention Pays Off – Two out of three organisations studied are deploying security AI and automation across their security operation center (SOC). When these technologies were used extensively across prevention workflows organisations incurred an average €2.03 million less in breach costs, compared to those with no use in these workflows – the largest cost savings revealed in the 2024 report.
- Data Visibility Gaps – Forty percent of breaches involved data stored across multiple environments including public cloud, private cloud, and on-prem. These breaches cost more than €4.6 million on average and took the longest to identify and contain (283 days).
“Businesses are caught in a continuous cycle of breaches, containment and fallout response. This cycle now often includes investments in strengthening security defenses and passing breach expenses on to consumers – making security the new cost of doing business,” said Kevin Skapinetz, Vice President, Strategy and Product Design, IBM Security. “As generative AI rapidly permeates businesses, expanding the attack surface, these expenses will soon become unsustainable, compelling business to reassess security measures and response strategies. To get ahead, businesses should invest in new AI-driven defenses and develop the skills needed to address the emerging risks and opportunities presented by generative AI.”
Security staffing shortages drove up breach costs
More than half of the organisations studied had severe or high-level staffing shortages last year and experienced significantly higher breach costs as a result (€5.28 million for high levels vs. €3.66 million for low levels or none). This comes at a time when organisations are racing to adopt generative AI (gen AI) technologies, which are expected to introduce new risks for security teams. In fact, according to a study from the IBM Institute for Business Value, 51% of business leaders surveyed were concerned with unpredictable risks and new security vulnerabilities arising, and 47% were concerned with new attacks targeting AI.
Mounting staffing challenges may soon see relief, as more organisations stated that they are planning to increase security budgets compared to last year (63% vs. 51%), and employee training emerged as a top planned investment area. Organisations also plan to invest in incident response planning and testing, threat detection and response technologies (e.g., SIEM, SOAR and EDR), identity and access management and data security protection tools.
Hacking the clock with AI
The report found that 67% of organisations deployed security AI and automation extensively – a near 10% jump from the prior year – and 20% stated they used some form of gen AI security tools. Organisations that employed security AI and automation extensively detected and contained an incident, on average, 98 days faster than organisations not using these technologies. At the same time, the global average data breach lifecycle hit a 7-year low of 258 days – down from 277 days the prior year and revealing that these technologies may be helping put time back on defenders’ side by improving threat mitigation and remediation activities.
Shorter breach lifecycles can also be attributed to the increase in internal detection: 42% of breaches were detected by an organisation’s own security team or tools compared to 33% the prior year. Internal detection shortened the data breach lifecycle by 61 days and saved organisations nearly €0.92 million in breach costs compared to those disclosed by an attacker.
Data insecurities fuel intellectual property theft
According to the 2024 report, 40% of breaches involved data stored across multiple environments and more than one-third of breaches involved shadow data (data stored in unmanaged data sources), highlighting the growing challenge with tracking and safeguarding data.
These data visibility gaps contributed to the sharp rise (27%) in intellectual property (IP) theft. Costs associated with these stolen records also jumped nearly 11% from the prior year to €159 million per record. IP may grow even more accessible as gen AI initiatives push this data and other highly proprietary data closer to the surface. With critical data becoming more dynamic and active across environments, businesses will need to reassess the security and access controls surrounding it.
Other key findings in the 2024 Cost of a Data Breach Report include:
- Stolen credentials topped initial attack vectors – At 16%, stolen/compromised credentials was the most common initial attack vector. These breaches also took the longest to identity and contain at nearly 10 months.
- Fewer ransoms paid when law enforcement is engaged – By bringing in law enforcement, ransomware victims saved on average nearly €0.92 million in breach costs compared to those who didn’t – that savings excludes the ransom payment for those that paid. Most ransomware victims (63%) who involved law enforcement were also able to avoid paying a ransom.
- Critical infrastructure organisations see highest breach costs – Healthcare, financial services, industrial, technology and energy organisations incurred the highest breach costs across industries. For the 14th year in a row, healthcare participants saw the costliest breaches across industries with average breach costs reaching €8.99 million.
- Breach costs passed to consumers – Sixty-three percent of organisations stated they would increase the cost of goods or services because of the breach this year – a slight increase from last year (57%) – this marks the third consecutive year that the majority of studied organisations stated they would take this action.
Download a copy of the 2024 Cost of a Data Breach Report.
Seven Enforcement Orders Served on Food Businesses in June
The Food Safety Authority of Ireland (FSAI) today reported that seven Enforcement Orders were served on food businesses during the month of June for breaches of food safety legislation, pursuant to the FSAI Act, 1998 and the European Union (Official Controls in Relation to Food Legislation) Regulations, 2020. The Enforcement Orders were issued by Environmental Health Officers in the Health Service Executive (HSE).
Three Closure Orders were served under the FSAI Act, 1998 on:
- Board (Closed area: The Upper storey of the building) (service sector), 29 Clanbrassil Street Upper, Dublin 8
- Mercury Eastern European Food (retailer), Unit 25, Midleton Business Enterprise Park, Dwyer Road, Midleton, Cork
- Giraffe Childcare Limited, Elm Park, Merrion Road, Dublin 4
Two Closure Orders were served under the European Union (Official Controls in Relation to Food Legislation) Regulations, 2020 on:
- Chinese Gourmet Restaurant (Closed area: the use of the outdoor timber shed in the back yard of the restaurant for the storage/ handling of any open food or food contact materials), The Square, Oldcastle, Meath
- Chrysanthemum (restaurant/café), Unit 1 Old Orchard Inn, Butterfield Avenue, Rathfarnham, Dublin 14
Two Prohibition Orders were served under the European Union (Official Controls in Relation to Food Legislation) Regulations, 2020:
- Johnson Best Food African Take Away, 86 Summerhill, Dublin 1
- The Roadhouse (public house), Clongowney, Mullingar, Westmeath
Also, during the months of May and June two prosecutions were taken by the HSE in relation to:
- Mean Greens Vegan Kitchen Stall, Ballysax Hills, The Curragh, Kildare
- Griolladh 2 Stall, Ballysax Hills, The Curragh, Kildare
Some of the reasons for the Enforcement Orders in June include: two mouse carcasses under a sink and under a toilet; a significant amount of rodent droppings under a sink; evidence of rat infestation; inadequate pest proofing; flies walking on cooked chicken; a dead rodent under pallets on the shop floor; raw meat packaging used to store cooked chicken pieces; mould on walls and ceilings; food prepared and handled in a kitchen which was subject to a Closure Order; inability to establish traceability for frozen raw meat; lack of a food safety culture.
Dr Pamela Byrne, Chief Executive, FSAI, emphasised that food businesses have a legal obligation to comply with food safety legislation in the interest of public health.
“Consumers have a right to safe food. Under food law, it is the legal responsibility of food businesses to ensure that the food they sell to the consumer is safe to eat. If anyone experiences unfit food, poor hygiene standards or notices a breach of food law in a food business, we encourage them to contact us via our online complaint form at www.fsai.ie/makeitbetter. Reporting inappropriate and unsafe food practices provides us with information that we can act upon. Food safety legislation is put in place to protect the health of consumers and to uphold the standards of the food industry. We strongly encourage food business operators to continuously improve their food safety standards via regular training, availing of online resources, as well as promoting a strong culture of food safety within their businesses.”
Details of the food businesses served with Enforcement Orders are published on the FSAI’s website at www.fsai.ie. Closure Orders and Improvement Orders will remain listed in the enforcement reports on the website for a period of three months from the date of when a premises is adjudged to have corrected its food safety issue, with Prohibition Orders being listed for a period of one month from the date the Order was lifted.
Nestlé Uses Guaranteed Traceable Cocoa Ingredients for a Range of Ireland’s Chocolate Brands
Nestlé’s KitKat, Quality Street, Aero, After Eight, Yorkie, Rolo and Munchies, are now using cocoa ingredients guaranteed to have been sourced from cocoa farming families that are part of Nestlé’s Income Accelerator Programme.
Building on the work of Nestlé’s Cocoa Plan, the Income Accelerator programme was created in January 2022 to help close the living income gap of cocoa-farming families and reduce child labour risk. After a successful test with 10,000 cocoa farming families, 2024 marks the first year of a ‘scale up phase’, with 30,000 families now enrolled in the programme across Côte d’Ivoire and Ghana.
By 2030, the programme aims to reach an estimated 160,000 cocoa-farming families in Nestlé’s cocoa supply chain to create impact at scale.
The programme incentivises and supports cocoa-farming families to enrol their children in school, implement good agricultural practices, engage in agroforestry activities, and diversify their incomes.*
Nestlé has collaborated with a number of expert partners and suppliers to transform its global cocoa sourcing and achieve full traceability and physical segregation of the cocoa sourced from its income accelerator programme. This means Nestlé is able to track the entire journey of cocoa beans from groups of farms to factory, while keeping them physically separated from other cocoa sources.
The cocoa ingredients from the income accelerator programme adhere to one of the highest traceability standards, ensuring “mixed identity preserved” traceability, enabling cocoa to be traced and stored separately.
Nestlé’s York site uses 12,000 tonnes of cocoa ingredients every year to produce chocolate for a range of brands including KitKat, Quality Street, Aero, After Eight, Yorkie, Rolo and Munchies.
Today’s news means that in Ireland, KitKat will feature on pack information where consumers can scan the QR code to learn more about how the programme works to benefit the livelihoods of cocoa farming families and their communities.
Mark Davies, Managing Director, Nestlé Confectionery UK and Ireland said: “Announcing that the chocolate for a range of brands for the Irish market emanating from our York factory is now produced using cocoa ingredients sourced through the Income Accelerator Programme is a very significant milestone for Nestlé.
“Sourcing cocoa with this level of traceability, at the scale that Nestlé operates, is no mean feat. It has taken a lot of hard work by many people, but we know that there is still more to be done.
“We will continue to push to make a positive impact on the lives of farmers and their communities and contribute to a more sustainable cocoa industry,” added Davies.
One partner which has played a significant role in the implementation of the Income Accelerator Programme, is the non-profit organisation, Rainforest Alliance. The Rainforest Alliance cocoa certification programme is the world’s largest scale initiative to drive more sustainable cocoa farming and all of the cocoa sourced for Nestlé UK&I continues to be Rainforest Alliance certified.
Thierry Touchais, Manager, Strategic Accounts Manager at the Rainforest Alliance, said of the initiative: “We’re delighted to collaborate with Nestlé on their journey towards sustainable cocoa sourcing.
“It’s encouraging to find a company of this scale using a ‘mixed identity preserved’ model in which cocoa can be traced back to Rainforest-Alliance-certified farmers engaged in Nestlé’s income accelerator. The approach showcases the potential for positive change in the industry.”
All of the cocoa Nestlé has sourced for chocolate in the UK & Ireland has been certified since 2015 as part of the Nescafé Cocoa Plan. Throughout 2024, Nestlé plans to use segregated cocoa butter for all of its KitKat chocolate in 29 countries in Europe, with plans to expand to other regions in the coming years.
Nine Enforcement Orders Served on Food Businesses in May
The Food Safety Authority of Ireland (FSAI) today reported that nine Enforcement Orders were served on food businesses during the month of May for breaches of food safety legislation, pursuant to the FSAI Act, 1998 and the European Union (Official Controls in Relation to Food Legislation) Regulations, 2020. The Closure Orders were issued by Environmental Health Officers in the Health Service Executive (HSE).
Four Closure Orders were served under the European Union (Official Controls in Relation to Food Legislation) Regulations, 2020 on:
· Johnson Best Food African Take Away, 86 Summerhill, Summerhill, Dublin 1
· Dublin Pizza Company (take away), 32 Aungier Street & 35 Aungier Street, Dublin 2
· Mizzonis Pizza (take away), 15 Prospect Road, Glasnevin, Dublin 9
· D1 Cafe and Bakery, 52 Dorset Street Lower, Dublin 1
Two Closure Orders were served under the FSAI Act 1998 on:
· Istanbul Bite (Closed area: boiler room and potato peeling room) (take away), Upper Cork Hill, Youghal, Cork
· Applegreen Cobh (fuel pumps external to the shops are not subject to this Closure Order), Tiknock, Cobh, Cork
Two Prohibition Orders were served under the European Union (Official Controls in Relation to Food Legislation) Regulations, 2020 on:
· Fresh Oriental Store Limited, 30-32 Abbey Street Upper, Dublin 1
· Johnson Best Food African Take Away, 86 Summerhill, Dublin 1
One Prohibition Order was served under the FSAI Act, 1998, on:
· The Village Grocer, Upper Main Street, Ballyporeen, Tipperary
Some of the reasons for the Enforcement Orders in May include: evidence of rodent infestation, including dead rodents in multiple areas, including under a fridge and under shelves on the shop floor; raw fish defrosting at room temperature in a dirty container on the floor of the kitchen area; accumulation of dirt, cobwebs and dead insects on floors; inadequate cleaning and a build-up of waste stored in a room next to toilets with foul odour and flies present; no hot water, soap or paper towels available at the wash hand basin in the staff toilet; absence of an adequate food safety culture particularly regarding training of staff.
Dr Pamela Byrne, Chief Executive, FSAI, said that breaches of food safety legislation pose a real danger to consumer health.
“This month has seen a decrease in Closure Orders from April, with a reduction of over 50% in orders served. However, the fact remains that food safety is not an optional luxury when operating a food business. It is a legal requirement in food law to protect the health of consumers. By neglecting to uphold basic food safety and hygiene standards, a business not only jeopardises the health of its customers, but also risks damaging its own reputation as a trustworthy food business. The food industry must continue to improve its adherence to food safety legislation to ensure consumers’ health is protected.”
Details of the food businesses served with Enforcement Orders are published on the FSAI’s website at www.fsai.ie. Closure Orders and Improvement Orders will remain listed in the enforcement reports on the website for a period of three months from the date of when a premises is adjudged to have corrected its food safety issue, with Prohibition Orders being listed for a period of one month from the date the Order was lifted.
It’s Aprons at Dawn as Eric Roberts and Holly Carpenter Take on ‘Ready Steady Taste’ Challenge at Taste of Dublin
Taste of Dublin today announces well-known personalities Eric Roberts and Holly Carpenter are set to battle it out at the ‘Ready, Steady, Taste’ cooking challenge at this year’s festival. The iconic food and culture festival, brought to you for 2024 by JYSK, returns from the 13th – 16th June in the surroundings of its new location in Dublin’s Merrion Square. Over 34,000 people are expected to attend the event over the four days.
Irish comedy and style are set to collide with the culinary world in what is predicted to be the ultimate battle of wills as these celebrities compete to be crowned ‘Ready, Steady, Taste’ champion 2024. Roberts and Carpenter will go head-to-head in a live cook-off in the new M&S Food Chef’s Kitchen during the afternoon session on Thursday, June 13th.
The celebrities will be guided by well-known TV chef Edward Hayden, who will be on hand to oversee the creation of their culinary delights. This unmissable cook-off promises an explosive mix of kitchen commotion, culinary mishaps and lots of laughs!
Commenting, Jo Mathews, CEO of Equinox Events said: We are so excited to have Eric and Holly take part in this year’s ‘Ready, Steady, Taste’ live cooking challenge. We wish both personalities the very best of luck and may the best chef claim the crown on the day!
For more information or to purchase tickets for this year’s event, visit tasteofdublin.ie.
Transformative Investment from IBM Ireland to Create Up to 800 High Value Tech Jobs
- Landmark agreement will focus on growth areas of Security, Automation and Hybrid Cloud – underpinned by Generative AI.
- The new roles will be in high value R&D and digital sales and consulting roles delivered across Dublin, Cork and Waterford.
Technology giant IBM Ireland today announced a new investment that will create up to 800 high-tech jobs across Ireland, helping build advanced software underpinned by the latest Artificial Intelligence technologies to advance Security, Automation and Hybrid Cloud. The AI technology will include foundational and Large Language Models that are key for Generative AI.
The investment will create hundreds of roles in research and development, as well as digital sales and consulting; and see Ireland continue to be among IBM’s strategic locations globally. The roles will be created across IBM sites in Dublin, Cork and at IBM’s subsidiary, Red Hat, located in Waterford.
The new staff will join IBM’s and Red Hat’s vibrant and diverse workforce, and help enhance Ireland’s rich and highly skilled technology talent pool that supports employment in knowledge-intensive and high-technology sectors. As the EU leader for the number of science, technology, engineering and mathematics (STEM) graduates per capita, Ireland has a talent pipeline fuelled by skilled young people while educators collaborate with industry to provide the skills needed in the future.
IBM has been in Ireland for more than 65 years during which time it has continually evolved its operations and capabilities to support the company’s global strategy. Today, IBM’s operations in Ireland help clients across key sectors such as financial services and healthcare streamline their business processes, increase productivity and gain competitive advantage through technology. Ireland is also host to IBM Research’s only facility in the EU.
The three-year investment is supported by the Government of Ireland through IDA Ireland.
Speaking of the announcement Taoiseach Simon Harris said, “I very much welcome IBM’s announcement today which not only reinforces the company’s deep-rooted commitment to Ireland as a strategic location but is also set to deliver real impact to the Irish economy through job creation and by strengthening specialist skills and expertise. Furthermore, this news demonstrates Ireland’s continued attractiveness as a preferred location for global companies to build out their digitalisation, research and innovation capabilities.”
Minister for Enterprise, Trade and Employment, Peter Burke said: “This is fantastic news. Today’s announcement that IBM Ireland are to create 800 skilled tech jobs between Dublin, Cork and Waterford, is hugely welcome. IMB is a world leader in Technology and has been a long standing high value employer in Ireland for almost three quarters of a century. Ireland is now ranked as the fifth most advanced digital economy in the EU, and having IBM choose Ireland for this new project is another vote of confidence in our country. The Government fully supports advancements in AI and Digital Transformation, and these roles will allow for exciting innovative opportunities for many of our skilled workforce throughout the country. Thanks to IBM for your continued investment here and best of luck to all involved in this exciting new initiative.”
Speaking of the announcement James Kavanaugh, IBM senior vice president and chief financial officer, said, “As IBM continues to help organizations transform their businesses with hybrid cloud and AI, attracting, developing, and retaining talent remains a key priority. Today’s announcement is a result of our strong relationship with IDA Ireland and the Irish government, but is also a testament to the calibre of talent here in Ireland, one of many reasons Ireland continues to be a strategic location for IBM.”
Deborah Threadgold, IBM Ireland country general manager, added, “We’re thrilled to announce this landmark and transformational initiative that will position the Irish operation at the cutting edge of next generation technology development within IBM globally.”
Speaking of the announcement, Michael Lohan, IDA Ireland chief executive officer, said “This is a remarkable initiative by IBM Ireland that will not only drive transformation within IBM and Red Hat’s operations but will deliver strong impact in Dublin, Cork and Waterford. It is also set to deliver real uplift in the Irish technology ecosystem by advancing capabilities across key growth areas for IDA Ireland such as Cloud, AI, Quantum and Cybersecurity. IDA Ireland has partnered with IBM for more than 60 years and we look forward to continuing to do so throughout this exciting project.”
For the latest information and to apply for the currently open roles at IBM and Red Hat, visit: