What is the Cost of Data Breach (Latest Research Findings)

It’s not easy to calculate the cost of a data breach, but the financial implications are becoming more apparent with the increasing number of organizations getting attacked.

That said, below, we’ve compiled various data points that will help you understand the cost of a data breach, and what financial implications a data breach might have on your company.

According to the 2023 IBM Cost of a Data Breach Report, the average cost of a data breach hit an all-time high of USD 4.45 million. That’s a 2.3% increase over last year’s USD 4.35 million average and a 15.3% increase from the 2020 report (USD 3.86 million).

In this post, we’ll summarize the essential points from the report so that you can better manage your security investments and make informed security decisions based on real data.

The top 10 findings from the 2023 IBM Cost of Data Breach Report

The Ponemon Institute, in collaboration with IBM, studied 553 organizations impacted by data breaches between March 2022 and March 2023. The report is based on breaches across 16 countries and 17 industries, with data gathered from 3,475 interviews.

1. The Global Average Cost of a Data Breach Increased by 2.3%.

In 2023, the cost of a data breach rose to USD 4.45 million, over $100,000 more than the previous year. As shown below, the average data breach cost has consistently increased every year since 2017.

Comparison of the total cost of a data breach

The average cost per record in 2023 was USD 165. Over the last seven years, there’s been a 13.79% increase in the per-record cost of a data breach, as shown below:

Comparison of the per record cost of a data breach

2. 51% of organizations plan to increase their investment in security after a breach.

Despite the continued rise in data breach costs, participants were almost split on whether they plan to increase spending on security after an incident. Of the 51% that increased spending after a breach, the most common investment was in Incident Response planning and testing at 50%. Next was employee training at 46%. Threat detection and response technologies came in third at 38%. A breakdown of the most common investments made is shown below:

Most common investment types after a breach

3. Security AI & automation lower data breach costs by USD 1.76 million on average.

Organizations that leverage security AI and automation contained a data breach 108 days faster than organizations that don’t. In addition, the average data breach cost was USD 3.60 million, which was USD 1.76 million less than organizations that don’t use these capabilities.

4. Only a third of breaches were identified by internal security teams and tools.

Internal security teams and tools identified only 33% of breaches. In 40% of the breaches, a benign third party identified the issue. In cases of ransomware, the attacker disclosed 27% of breaches to their victims.

The average cost of an attack, when disclosed by the attackers, was USD 5.23 million. This number is 19.5% (or USD 30,000) more than the average cost when the breach was identified via an organization’s internal security team. On average, breaches found by an internal security team cost USD 4.30 million. This number is over USD 1 million less than when the attackers disclosed the breach.

How was a breach found

Comparison of the cost of a breach based on how it was found

5. Organizations that involved law enforcement saved both time and money.

Of the organizations hit with ransomware, 37% opted not to involve law enforcement. Those that involved law enforcement experienced a less costly breach overall. When law enforcement was involved, the average ransomware breach cost was USD 4.64 million.

In comparison, the average cost when law enforcement wasn’t involved was USD 5.11 million. That’s a 9.6% difference. By involving law enforcement in a ransomware attack, organizations saved around USD 470,000.

The impact of law enforcement involvement on ransomware attacks

6. The average cost of a breach in the healthcare industry has grown by 53.3%.

Despite the high levels of regulation and being considered critical infrastructure by the US government, the healthcare industry continues to experience the highest data breach costs across all sectors. Over the past three years, the average healthcare data breach cost has ballooned by 53%. In 2023, the average cost hit USD 10.93 million.

Here’s a breakdown of the cost of a data breach per industry:

Comparison of the cost of a data breach per industry

7. 82% of the breaches involved data stored in the cloud.

Where the breached data was stored affected both the cost and duration of the breach. While attackers focused on cloud environments, in 39% of the breaches, the attackers accessed both the victim’s cloud and on-premises environments. Multiple environment attacks incurred a higher-than-average cost of USD 4.75 million. To mitigate this risk, organizations with hybrid cloud setups must focus on strong encryption, data security, and data access policies.

8. The top 3 cost mitigating factors are DevSecOps, IR, and employee training.

Of the 27 cost factors studied, the largest effect came from DevSecOps: organizations with DevSecOps integrated into their software development cycle had an average breach cost USD 1.68 million, or 38.4%, lower than those without it. Next, companies that had done significant Incident Response (IR) planning and testing saw a cost USD 1.49 million, or 34.1%, lower than those that hadn’t. Finally, companies that implemented employee training saw a cost USD 1.5 million, or 33.9%, lower than those that did not.

Cost of data breach based on the top 3 mitigating factors

9. Having complex security increases the average cost of a breach.

Organizations that reported high levels of security system complexity had an average breach cost of USD 5.28 million. In comparison, organizations with low security complexity had an average breach cost of only USD 3.84 million. In other words, having high security complexity raised a breach’s cost by 31.6%.

10. Reducing the data breach lifecycle saves USD 1.02 million.

Keeping the data breach lifecycle to less than 200 days was associated with an average cost of USD 3.93 million. Breaches that took over 200 days to identify and contain were associated with an average cost of USD 4.95 million. Organizations saved, on average, USD 1.02 million by keeping the breach lifecycle under 200 days.

Comparison of the cost of a data breach based on the data breach lifecycle

How long is the average data breach lifecycle?

Detecting and containing a data breach as quickly as possible is crucial in minimizing the damage it can cause.

The data breach lifecycle is the elapsed time between initial detection and containment. In other words, the time from when the incident was initially discovered until the organization resolves the situation and restores service after the breach.

In 2022, the average time it took organizations to identify a breach was 207 days. In 2023, it only took 204 days. On the other hand, organizations needed an average of 73 days to contain a breach in 2023, while in 2022, it took an average of just 70 days.

As noted before, the shorter the data breach lifecycle, the lower the overall business costs are to the organization.

What was the most common initial attack vector?

Stolen or compromised credentials were responsible for 31% of the breaches. Credentials are often leaked via infostealer malware, third-party breaches, and phishing attacks.

Among the various data breach causes, breaches caused by stolen or compromised credentials took the longest to resolve. It took 328 days, or nearly 11 months, to contain these breaches. In comparison, the overall mean time to contain a data breach was 277 days or almost two months less.

Organizations with ongoing visibility into their employees', customers', and software suppliers' leaked credentials were able to reset stolen credentials before criminals could exploit them.

Average Cost of Data Breaches by Country

The cost of data breaches varies widely across different countries.

The financial impact of data breaches in the United States is significantly higher than in other parts of the world, with an average expense of USD 9.48 million per incident - more than twice the global average.

The Middle East follows closely behind as the second-costliest region for data breaches, with an average price tag of USD 8.07 million.

Canada rounds out the top three, experiencing an average data breach cost of USD 5.13 million in the same year.

A breakdown of the average cost of data breaches by country or region is shown below:

Comparison of the cost of a data breach based on country

Breachsense can help you prevent data breaches in 2024

The financial impact of data breaches is a growing concern for organizations worldwide. In light of the increasing frequency and sophistication of cyber attacks, organizations must adopt a proactive approach to safeguard their sensitive data.

Breachsense is a data breach monitoring platform that offers real-time alerts whenever your employee’s or customers' credentials appear on the dark web. Enable your security team to reset the passwords before criminals exploit them.

Learn more about how data breach monitoring works and how it can help you prevent cyber attacks.
