The global average cost of a data breach has hit a record high of $4.35 million, an increase of almost 13% over the last two years.
The annual ‘Cost of a Data Breach Report’ from IBM Security also reveals that it is often consumers who have to pay the price of cybercrime with 60% of surveyed organisations saying they raised their prices due to a data breach.
Compromised credentials continues to be the most common cause of breaches with phishing in second place.
When remote working was a factor in causing the breach, costs were an average of nearly $1 million greater than in breaches where remote working wasn’t a factor.
The IBM report found that 83% of studied organisations have experienced more than one data breach in their lifetime.
The research reveals that nearly 50% of breach costs are incurred more than a year after the cyberattack.
It also found that it in the case of ransomware attacks, it may not make financial sense to pay ransoms to cyber criminals.
Victims who paid ransoms saw only $610,000 less in average breach costs compared to those that chose not to pay, not including the cost of the ransom.
For the 12th year in a row, healthcare organisations saw the costliest breaches amongst industries with average breach costs in healthcare increasing by nearly $1 million to reach a record high of $10.1 million.
In May 2021, the Health Service Executive (HSE) was the victim of a major cyber attack, which caused months of disruption and could end up costing €100 million.
An independent review of the attack carried out by PwC found that the HSE was operating on a frail IT system and did not have proper cyber expertise or resources.
In May this year, the HSE said it was finding it “especially difficult” to recruit cyber security staff right now because of the competition for talent.
According to the IBM report released today, 62% of organisations said they were not sufficiently staffed to meet their cybersecurity needs.
“Businesses need to put their security defences on the offense and beat attackers to the punch,” said Charles Henderson, Global Head of IBM Security X-Force.
“This report shows that the right strategies coupled with the right technologies can help make all the difference when businesses are attacked,” he added.
The 2022 Cost of a Data Breach Report is based on in-depth analysis of real-world data breaches experienced by 550 organisations globally between March 2021 and March 2022.