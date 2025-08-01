IBM has released its 2025 Cost of a Data Breach report, revealing that data breaches cost South African organisations R44.2 million on average between March 2024 and February 2025.

This represents a 17% year-on-year decrease from R53.1 million in the corresponding period last year. However, IBM said the average number of breached records increased from 22,600 to 23,445.

While compiling the report, IBM analysed real-world data breaches from over 600 organisations worldwide, including organisations in South Africa.

Detection and escalation remained the largest cost category for South African organisations, with an average cost of R17.5 million, followed by the cost of lost business, at R13.1 million.

Post-breach response costs averaged R12.54 million, while the price of notifying customers and stakeholders averaged R950,000.

“While total data breach costs have declined, these figures underline the financial exposure South African organisations still face across the breach lifecycle,” said IBM.

While average costs have declined, sector-specific costs remain elevated, with the financial sector experiencing the highest total costs.

“In 2025, the financial sector experienced the highest total cost of a breach at R70.2 million, followed by hospitality (R57.5 million) and services (R56.8 million),” said IBM.

According to IBM, the most common initial causes of data breaches in the reporting period were third-party and supply chain compromises, which accounted for 17% of incidents and averaged R29.6 million.

“Compromised credentials, phishing, and denial-of-service attacks each made up 13% of breaches, with average costs of R48.0 million, R50.4 million, and R38.8 million, respectively,” it said.

The report highlighted three key factors that helped reduce data breach costs in South Africa: adopting data security or protection software, increasing use of AI insights, and shifting to DevSecOps practices.

IBM South Africa general manager and technology lead, Ria Pinto, said South African organisations increasingly use AI in security operations to identify and contain threats faster.

“Despite the increase in the average number of breached records, the decline in breach costs is a strong signal that AI-enabled cyber defence tools are working,” said Pinto.

“But with attackers also leveraging AI, it is critical for local businesses to continue investing in AI security, upskilling their security teams, and implementing robust AI governance practices.”

According to IBM’s data, organisations that extensively used AI and security automation reported lower breach costs at an average of R36.22 million.

The average cost for these companies is 32% lower than for those that didn’t use AI and security automation, for which data breach costs averaged R53.7 million.

“Those that used AI and security automation also saw a lower mean time to identify and mean time to contain,” said IBM.

High demand for DevSecOps expertise

IBM highlighted the shift to DevSecOps practices as a key factor in reducing the average cost of data breaches in South Africa, and associated skills are in high demand in South Africa.

DevSecOps is an extension of DevOps, and integrates security practices into every phase of the software development lifecycle, from planning to deployment.

Obsidian Systems managing director and CEO Muggie van Staden recently told MyBroadband that expertise in cloud platforms, networking, security, and DevOps practices was in high demand.

“We have seen a shift in cloud computing to encompass expertise in multiple cloud platforms, with support for various programming languages, security, and DevOps practices, or as we define it, DevSecOps,” he said.

According to Passionate Hub, growth in the DevSecOps market in South Africa is expected to accelerate in the coming years.

“This will be driven by a combination of technological advancements, regulatory changes, and the increasing need for secure digital infrastructure,” it said.

“As businesses continue to adopt cloud computing, mobile applications, and AI-driven solutions, the need for integrated security in the software development cycle will remain a top priority.”

The government’s focus on enhancing cybersecurity legislation and data privacy regulations also contributes to the market’s growth.

“The expansion of Internet connectivity and the rise in cybercrime incidents across Africa are pushing businesses to prioritise security, which is expected to fuel demand for DevSecOps solutions,” said Passionate Hub.