Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Leadership and ManagementSecurity & Business ResilienceCybersecurity News

Global News

$4.35 million — The average cost of a data breach

By Maria Henriquez
piggy bank

MicroStockHub / iStock / Getty Images Plus via Getty Images

October 17, 2022

The global average cost of a data breach increased 2.6% from $4.24 million in 2021 to $4.35 million in 2022 — the highest it’s been in the history of IBM Security’s “The Cost of a Data Breach Report.”

Now in its 17th year, the report, conducted by Ponemon Institute, studied 550 organizations impacted by data breaches between March 2021 and March 2022. The breaches occurred across 17 countries and regions and in 17 different industries.

In addition, IBM Security conducted 3,600 interviews with individuals from organizations impacted by the data breaches to determine the cost to organizations across different activities related directly to both immediate and prolonged incident response (IR). The report examined root causes, short-term and long-term consequences of data breaches, and the mitigating factors and technologies that allowed companies to limit losses.

Key findings from the IBM Security analysis shows:

83% — Percentage of organizations that have had more than one breach

$4.82 million — Average cost of a critical infrastructure data breach

$4.54 million — Average cost of a ransomware attack, not including the cost of the ransom itself

19% — Frequency of breaches caused by stolen or compromised credentials

$1 million — Average increase in cost where remote work was a factor in causing the breach versus when it wasn’t a factor

$2.66 million — Average cost savings associated with an incident response team and regularly tested IR plan

$9.44 million — Average cost of a breach in the United States, the highest of any country

While the study focuses mainly on the financial costs associated with a data breach, the real impact on businesses run much deeper: reputational loss, legal liability and loss of business and consumer trust.

Organizations should consider the following recommendations, based on the successful security approaches taken by organizations in the study.


1. Adopt a zero trust security model to help prevent unauthorized access to sensitive data.

The study showed that while just 41% of organizations implemented a zero trust security approach, they had a potential breach cost savings of $1.5 million with a mature deployment. As organizations incorporate remote work and hybrid multi-cloud environments, a zero trust strategy can help protect data and resources by limiting accessibility and requiring context.

Security tools that share data between disparate systems and centralize data security operations can help security teams detect incidents across complex hybrid multi-cloud environments. Security teams can gain deeper insights, mitigate risks and accelerate response with a zero trust strategy.


2. Protect sensitive data in cloud environments using policy and encryption.

With the increasing amount and value of data being hosted in cloud environments, organizations should take steps to protect cloud-hosted databases.

Mature cloud security practices were associated with breach cost savings of $720,000 compared to no cloud security practices. Using data classification schema and retention programs can also help bring visibility and reduce the volume of sensitive information vulnerable to a breach.

Organizations should protect sensitive information using data encryption and fully homomorphic encryption. Using an internal framework for audits, evaluating risk across the enterprise and tracking compliance with governance requirements can help improve the ability to detect a data breach and escalate containment efforts.


3. Invest in security orchestration, automation and response (SOAR) and extended detection and response (XDR) to help improve detection and response times.

Along with security artificial intelligence (AI) and automation, XDR capabilities can help significantly reduce average data breach costs and breach lifecycles.

According to the study, organizations with XDR deployed shortened the breach lifecycle by 29 days on average compared to organizations that didn’t implement XDR, with a cost savings of $400,000.

SOAR and security information and event management (SIEM) software, managed detection and response services, and XDR can help organizations accelerate incident response with automation, process standardization and integration with existing security tools.


4. Use tools that help protect and monitor endpoints and remote employees.

In the study, breaches where remote work was a factor in causing the breach cost nearly $1 million more than breaches where remote work wasn’t a factor. Unified endpoint management (UEM), endpoint detection and response (EDR) and identity and access management (IAM) cyber technologies can help provide security teams with deeper visibility into suspicious activity.

This oversight involves bring-your-own-device (BYOD) policies and company laptops, desktops, tablets, mobile devices and IoT, including endpoints the organization doesn’t have physical access to. UEM, EDR and IAM can help to speed investigation and response time to isolate and contain the damage in breaches where remote work was a factor.


5. Create and test incident response playbooks to increase cyber resilience.

Two of the most effective ways to mitigate the cost of a data breach are forming an incident response team and extensive testing of the IR plan. Breaches at organizations with IR teams that regularly test their plan saw $2.66 million in savings compared to breaches at organizations with no IR team or testing of the IR plan.

Organizations can respond quickly to contain the fallout from a breach by establishing a detailed cybersecurity incident playbook. Routinely test the plan through tabletop exercises or run a breach scenario in a simulated environment such as a cyber range.

Adversary simulation exercises, also known as red team exercises, can enhance the effectiveness of IR teams by uncovering attack paths and techniques they might miss and identifying gaps in detection and response capabilities.

An attack surface management approach can help organizations improve their security posture by locating previously unknown exposure points through simulations of an authentic attack experience.

For more information, visit www.ibm.com.

KEYWORDS: Chief Information Security Officer (CISO) cyber security incident response information security risk management threat intelligence

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Internal computer parts

Critical Software Vulnerabilities Rose 37% in 2024

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Person working on laptop

Governance in the Age of Citizen Developers and AI

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • cyber6-900px.jpg

    IBM Study: Cost of a Data Breach Reaches $350 Million

    See More
  • cloud security freepik

    Average cost of cloud account compromises reached $6.2 million over a 12-month period

    See More
  • Generic Image for Cyber Security

    Study Reveals Average Cost of Data Breach Reaches Record Levels

    See More

Related Products

See More Products
  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing