"Data Breach Costs Reach New Record High"

Security researchers at IBM have found that the average cost of a data breach globally now stands at $4.35m, up nearly 13% on 2020 figures and a new all-time record.  During the study, the researchers interviewed 550 organizations in 17 countries between March 2021 and March 2022.  The researchers stated that consumers are suffering disproportionately from these incidents.  Many breached organizations (60%) put their prices up following a breach, adding to runaway global inflation.  The researchers noted that phishing is the most expensive cause of breach events, resulting in average costs of $4.9m for victim organizations, while compromised credentials are the most common cause (19%).  Healthcare remains the sector in which costs are highest.  It has led the pack for the 12th year in a row, with breach costs in 2022 increasing nearly $1m to reach over $10m.  The researchers stated that the US remained the most expensive country, with average costs of $9.4m.  The researchers noted that there were also interesting insights for CISOs in critical infrastructure organizations who may be considering zero trust strategies.  Some 80% of those surveyed from the sector said they haven't adopted such approaches.  This saw their breach costs increase by nearly $1.2m over those who did, to reach $5.4m.  For organizations that paid the ransom they only usually saved $610,000 more than the average breach cost.  The average cost of a ransom attack without the ransom payment was $4.5m.  The researchers stated that nearly half (45%) of recorded breaches occurred in the cloud, with those who had not yet formulated a security strategy or were in the early stages of doing so liable to pay on average $660,000 more than those with a mature cloud security posture.

Infosecurity reports: "Data Breach Costs Reach New Record High"