IBM’s 2022 report on the cost of data breaches continues to shed a grim light on the spiraling costs of global data breaches. Data security is now the primary concern of CISOs and cybercriminals alike, with thousands of companies repeatedly falling foul of profiteering malicious actors.
First off, let’s explain why data security is important. The IBM report lends not only the worst view possible on the consequences of poor data security but also gives us valuable insight into mitigating factors and data-driven results of next-gen security practices.
Initial Breach Costs Reach Staggering Heights
The IBM report draws on the experiences of 550 global organizations surveyed from the period between March 2021 to March of this year, in partnership with the Ponemon Institute. The analysis provided in this partnership lends an incredibly clear and detailed view of the mistakes, learnings, and strengths of cybersecurity strategies employed across the world. It also lends us a fantastic cross-section of how data breaches have adapted to security best practices – and how companies continue to fall for the same mistakes over and over.
Attack vectors make up one field that appears consistent. In 2022, compromised credentials continued to pose the biggest threat to security – breaches that depended on this attack vector made up 19% of all attacks, costing an average of $4.50 million. Phishing attacks represented 16% of breaches, but did more damage than their credential counterparts, costing just under $5 million per attack. Cloud misconfigurations followed closely at a rate of 15%, while 3rd-party software vulnerabilities lagged behind at 13%. The popularity of each attack vector falls in line with the prior few years of data: this shows that companies continue to heavily mismanage Identity and Access Management (IAM) policies.
The average data breach has reached a record in cost and longevity: across all 500 subjects, the average cost is just above $4 million. This represents an increase of 13% over the past 2 years of the report, demonstrating the continuous failures of even large companies to handle the sudden shift to WFH. On average, the time taken to pinpoint and contain a breach is now 277 days. Though this is a 3.5% decrease from last year, this is because last year’s breaches took an extraordinary amount of time to contain – The 277 figure falls neatly into the average response time that IBM has established over the last 7 years.
Solidifying the grim reality of data breaches, 83% of studied organizations admitted that they had experienced one or more data breaches in their lifetime.
The costs during the breach may seem significant, but data breaches continue to have ripple effects long after containment. Of particular note in this year’s IBM report was the impact that data breaches are having on pieces of critical infrastructure. Healthcare organizations continue to suffer the costliest breaches among industries. The average cost of a breach in healthcare has increased by another $1 million, hitting a new high of $10.1 million. The financial sector came in second place, as their costs hit $5.97.
As the report segregates these different industries, it’s easy to see these as isolated issues. However, when viewed in the larger context as countries battle post-pandemic economic stagnation, it paints a more concerning picture. 60% of organizations in the report claimed that their breaches had a direct impact on their prices, as the financial loss forced them to raise prices. When the cost of goods is already soaring worldwide, the financial impacts of cybercrime begin to crystallize, especially when the focal point of these cybercriminals continues to be major pillars of infrastructure.
The cost of breaches was dramatically inflated by one major factor: a lack of targeted investment in the victim’s own defenses. Insufficient security staffing was a particular breach honeypot. 62% of organizations claimed to not be staffed adequately enough to address their security needs. These businesses averaged around half a million dollars more in breach costs in comparison to organizations that claimed to be sufficiently staffed. While a staff gap forces cost up, so too does an over-complex security system. For example, breaches at organizations with high levels of system complexity suffered even higher losses. The average breach cost for these overloaded systems rose $290,655 above the mean cost of a data breach of $4.35 million.
What Reduces Data Breach Costs?
While understaffing and overcomplexity only gave data breaches more ammunition, there were a number of security features that proved themselves. A DevSecOps approach, AI platforms, and the integration of an incident response team were 3 factors that were associated with the highest decrease in cost. For instance, breaches in businesses that deployed AI platforms saved $300,075 from the average cost of a data breach. The IR teams proved themselves even more cost-worthy, demonstrating a saving power of $2.66 million.
For the very first time in the IBM report’s history, Extended Detection and Response (XDR) technologies were analyzed. Their mitigation effects are already impressively clear: companies that have utilized XDR technologies experienced a faster recovery time of 29 days. XDR describes a suite of data security solutions that provides holistic protection against cyberattacks, unauthorized access, and malicious misuse. From preventing data breaches via firewalls and cutting-edge user rights management to nullifying the threat of a leak with data masking and encryption, it’s time to start demanding more from your cybersecurity.
Given the increasing costs of breaches, and the impact these have on the consumer, it is time for businesses to start turning their security into offense. Cybercriminal success has been bolstered by the past two years of faltered and mishandled security strategy. It’s time to prevent these malicious groups from making further gains. The IBM report has clearly laid out some major potential improvements and refinements that every organization now has a responsibility to take note of. Fundamentally, the more that businesses naively attempt to bolster their perimeter rather than invest in detection and response – the more these breaches can run amok.