Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Leadership and ManagementSecurity & Business ResilienceCybersecurity News

Global News

$4.35 million — The average cost of a data breach

By Maria Henriquez
piggy bank

MicroStockHub / iStock / Getty Images Plus via Getty Images

October 17, 2022

The global average cost of a data breach increased 2.6% from $4.24 million in 2021 to $4.35 million in 2022 — the highest it’s been in the history of IBM Security’s “The Cost of a Data Breach Report.”

Now in its 17th year, the report, conducted by Ponemon Institute, studied 550 organizations impacted by data breaches between March 2021 and March 2022. The breaches occurred across 17 countries and regions and in 17 different industries.

In addition, IBM Security conducted 3,600 interviews with individuals from organizations impacted by the data breaches to determine the cost to organizations across different activities related directly to both immediate and prolonged incident response (IR). The report examined root causes, short-term and long-term consequences of data breaches, and the mitigating factors and technologies that allowed companies to limit losses.

Key findings from the IBM Security analysis shows:

83% — Percentage of organizations that have had more than one breach

$4.82 million — Average cost of a critical infrastructure data breach

$4.54 million — Average cost of a ransomware attack, not including the cost of the ransom itself

19% — Frequency of breaches caused by stolen or compromised credentials

$1 million — Average increase in cost where remote work was a factor in causing the breach versus when it wasn’t a factor

$2.66 million — Average cost savings associated with an incident response team and regularly tested IR plan

$9.44 million — Average cost of a breach in the United States, the highest of any country

While the study focuses mainly on the financial costs associated with a data breach, the real impact on businesses run much deeper: reputational loss, legal liability and loss of business and consumer trust.

Organizations should consider the following recommendations, based on the successful security approaches taken by organizations in the study.


1. Adopt a zero trust security model to help prevent unauthorized access to sensitive data.

The study showed that while just 41% of organizations implemented a zero trust security approach, they had a potential breach cost savings of $1.5 million with a mature deployment. As organizations incorporate remote work and hybrid multi-cloud environments, a zero trust strategy can help protect data and resources by limiting accessibility and requiring context.

Security tools that share data between disparate systems and centralize data security operations can help security teams detect incidents across complex hybrid multi-cloud environments. Security teams can gain deeper insights, mitigate risks and accelerate response with a zero trust strategy.


2. Protect sensitive data in cloud environments using policy and encryption.

With the increasing amount and value of data being hosted in cloud environments, organizations should take steps to protect cloud-hosted databases.

Mature cloud security practices were associated with breach cost savings of $720,000 compared to no cloud security practices. Using data classification schema and retention programs can also help bring visibility and reduce the volume of sensitive information vulnerable to a breach.

Organizations should protect sensitive information using data encryption and fully homomorphic encryption. Using an internal framework for audits, evaluating risk across the enterprise and tracking compliance with governance requirements can help improve the ability to detect a data breach and escalate containment efforts.


3. Invest in security orchestration, automation and response (SOAR) and extended detection and response (XDR) to help improve detection and response times.

Along with security artificial intelligence (AI) and automation, XDR capabilities can help significantly reduce average data breach costs and breach lifecycles.

According to the study, organizations with XDR deployed shortened the breach lifecycle by 29 days on average compared to organizations that didn’t implement XDR, with a cost savings of $400,000.

SOAR and security information and event management (SIEM) software, managed detection and response services, and XDR can help organizations accelerate incident response with automation, process standardization and integration with existing security tools.


4. Use tools that help protect and monitor endpoints and remote employees.

In the study, breaches where remote work was a factor in causing the breach cost nearly $1 million more than breaches where remote work wasn’t a factor. Unified endpoint management (UEM), endpoint detection and response (EDR) and identity and access management (IAM) cyber technologies can help provide security teams with deeper visibility into suspicious activity.

This oversight involves bring-your-own-device (BYOD) policies and company laptops, desktops, tablets, mobile devices and IoT, including endpoints the organization doesn’t have physical access to. UEM, EDR and IAM can help to speed investigation and response time to isolate and contain the damage in breaches where remote work was a factor.


5. Create and test incident response playbooks to increase cyber resilience.

Two of the most effective ways to mitigate the cost of a data breach are forming an incident response team and extensive testing of the IR plan. Breaches at organizations with IR teams that regularly test their plan saw $2.66 million in savings compared to breaches at organizations with no IR team or testing of the IR plan.

Organizations can respond quickly to contain the fallout from a breach by establishing a detailed cybersecurity incident playbook. Routinely test the plan through tabletop exercises or run a breach scenario in a simulated environment such as a cyber range.

Adversary simulation exercises, also known as red team exercises, can enhance the effectiveness of IR teams by uncovering attack paths and techniques they might miss and identifying gaps in detection and response capabilities.

An attack surface management approach can help organizations improve their security posture by locating previously unknown exposure points through simulations of an authentic attack experience.

For more information, visit www.ibm.com.

KEYWORDS: Chief Information Security Officer (CISO) cyber security incident response information security risk management threat intelligence

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Half closed laptop

Sudo Vulnerability Discovered, May Exposes Linux Systems

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Money in the dark

    $4.88M was the average cost of a data breach in 2024

    See More
  • cyber6-900px.jpg

    IBM Study: Cost of a Data Breach Reaches $350 Million

    See More
  • cloud security freepik

    Average cost of cloud account compromises reached $6.2 million over a 12-month period

    See More

Related Products

See More Products
  • Physical-Security-and-Safet.gif

    Physical Security and Safety: A Field Guide for the Practitioner

  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!