Highlights:

  • The cost of a data breach in 2022 was USD 4.35 million, up 2.6 percent from the previous year’s total of USD 4.24 million.
  • IBM discovered that breaches resulted in price hikes that were passed on to customers in 60% of firms.

According to IBM Security’s annual “Cost of a Data Breach” report, produced by Ponemon Institute, data breaches keep getting more expensive. The cost of a data breach in 2022 was USD 4.35 million, up 2.6 percent from the previous year’s total of USD 4.24 million.

According to the study, 83 percent of the firms had experienced more than one data breach, making them perfect targets for follow-up attacks as part of a “haunting impact” after they become victims of cyberattacks.

The report emphasizes the need for organizations to implement innovative strategies to minimize the effects of data breaches, especially in light of the surge in sophisticated assaults that can’t always be stopped.

The threat landscape’s hostile reality

It’s becoming obvious that conventional organizational security methods need to be re-evaluated as the cost of a data breach rises and the threat landscape is characterized by widespread double- and triple-extortion ransomware assaults and identity-related breaches.

T-Mobile and Twitter both experienced the costs of a data breach in the past week, with the former agreeing to pay customers USD 350 million as part of a post-breach settlement and the latter having to deal with the negative fallout after a hacker allegedly gained access to 5.4 million users’ personal information.

With the impact of such breaches causing millions in damage, many organizations pass costs on to consumers as part of an invisible cyber tax. In fact, IBM discovered that breaches resulted in price hikes that were passed on to customers in 60% of firms.

“What stands out most in this year’s finding is that the financial impact of breaches is now extending well beyond the breached organizations themselves,” said John Hendley, Head of Strategy, IBM Security X-Force.

“The cost is trickling down to consumers. In fact, if you consider that two or three companies within a supply chain may have suffered a breach and increased their prices, there’s this multiplier effect that’s ultimately hitting the consumer’s wallet. Essentially, we’re now beginning to see a hidden ‘cyber tax’ that individuals are paying due to the growing number of breaches occurring today compounded with the more obvious disruptive effects of cyberattacks,” Hendley said.

Hendley said that a lot of attacks are happening, but there’s a lack of experienced security specialists to handle them, which is why the cost of data breaches is seeing a spike. This is demonstrated by the study, which found that 62% of firms lacked enough people to meet their security requirements.

What are the effects on CISOs and security executives?

The report focuses on the bleakest aspects of the present threat landscape, but it also identifies several innovative technologies and methodologies that businesses may adopt to lower the cost of data breaches.

One of the most encouraging results, for instance, showed that businesses with fully implemented security AI and automation may anticipate paying USD 3.05 million less during a data breach and, on average, slashing the time to uncover and contain a breach by 74 days. The cost of a breach is expected to be USD 1 million less for firms that implement zero trust than for those that don’t. Finally, firms can anticipate a USD 2.66 million cost reduction if they keep an incident response team and frequently test their IR strategies.