Understanding the Real Cost of Large-Scale Data Breaches

When assessing the impact of a data breach, most organisations tend to focus on the disruption it causes to normal operations. While this makes sense, it’s also important to consider the financial costs incurred.

The total cost of a data breach is sustained in a number of different ways. As well as the cost of system remediation and the disruption to normal operations, there is also the cost of reputational damage and lost future business.

Interestingly, as the number of significant data breaches has climbed in recent years, the cost of those breaches has also risen. According to a report by IBM and the Ponemon Institute, the average cost of a data breach has increased by 12.7% since 2020[1].

According to the Cost of a Data Breach Report 2022, the average cost of an incident has climbed to $US4.35 million which is 2.6% higher than the previous 12 months. Concerningly, 83% of surveyed organisations report that they have experienced more than one breach.

When it comes to the cause of the data breaches, stolen or compromised credentials continues to be the most common. The 2022 study found these types of breaches represent 19% of all breaches at an average cost of $US4.5 million.

These incidents also had the longest lifecycle where, on average, organisations took 243 days to identify that a breach had taken place. They then took a further 84 days to contain the breach.

The shift to widespread remote working has also had an impact on the extent of data breaches. On average, breaches cost $US1 million more when remote working was being undertaken compared to organisations where this was not the case.

Pre-planning is key

The report clearly showed the benefits that flow from having detailed plans in place that guide actions if and when a data breach occurs. Almost three-quarters of the organisations surveyed confirmed they have an incident response (IR) team in place and a detailed IR plan that is regularly tested.

These organisations reported an average of $US2.66 million lower breach costs compared with organisations that don’t have IT teams and plans in place. This represents a saving of 58%.

When it comes to other pre-emptive steps, 44% of organisations reported they had implemented extended detection and response (XDR) technologies which significantly improved their response times when a breach occurred.

Typically, those organisations with XDR in place shortened breach lifecycles by about a month. Specifically, organisations with XDR took 275 days to identify and contain a breach compared to 304 days for those without. This represents a 10% difference in response times.

Geographies and sectors

Interestingly, the report found that the cost of data breaches varied significantly across both geographic regions and industry sectors.

The cost per breach is highest in the United States ($US9.44 million), followed by the Middle East ($US7.46 million) and Canada (I$US5.64 million). By comparison, the cost for Australian organisations was significantly lower at $US2.92 million.

Looking at industry sectors, the one experiencing the highest costs per data breach was healthcare (US10.1 million). This was followed by the financial sector ($US5.97 million) and pharmaceuticals ($US5.01 million).

Reducing the cost of future breaches

There are some key steps that organisations can take to reduce the likelihood of breaches and the cost should one occur. They include:

  • Adopt a Zero Trust strategy: This is an effective way to protect access and data whether it is stored centrally, at a remote location, or on a cloud platform by implementing access control across users and devices.
  • Protect data with backup and encryption: Should a breach occur, these steps will reduce the likelihood that data can be stolen or misused. Attackers often target your backups to prevent you from being able to recover your data . As part of your backup process, remember your on-premise data as well as data in the cloud/SaaS applications such as Microsoft 365.
  • Invest in XDR capabilities: Being able to spot a breach faster can significantly reduce its impact and the associated costs. XDR platform offers continuous security monitoring with response services for their managed endpoints, networks, and cloud.
  • Protect your email: Cyberattacks often start with a phishing email to capture admin or user credentials. Choose an email security solution with AI capability that enables proactive threat discovery and automates remediation. 
  • Secure your applications: Applications often have open vulnerabilities that can be exploited to gain access to your data. Use an application security solution that defends against web application vulnerabilities such as OWASP Top 10, zero-day and brute force attacks.
  • Create and maintain an incident response playbook: Pre-planning is critical to ensure that everyone within an organisation knows the steps that are required should a breach occur.

The costs of data breaches are likely to continue to climb in the months and years ahead. For this reason, it is vital to take the required steps now to ensure that the impact can be as contained as possible.

[1] https://www.ibm.com/security/data-breach

Mark Lukie
Mark Lukie is a Sales Engineer Manager for Asia Pacific and Japan at Barracuda Networks. He has 20 years’ IT industry experience with deep skills in networking, cybersecurity, backup/disaster recovery, public cloud platforms and systems integration. Mark has been with Barracuda for more than nine years and has extensive knowledge on the company’s entire solution portfolio, including security, application delivery and data protection solutions. He is a member of the Barracuda Global Cloud Security Team, which focuses on security solutions for public cloud platforms such as Microsoft Azure, Amazon Web Services, VMware vCloud Air and Google Cloud Platform. Mark’s qualifications include: Microsoft Certified Systems Engineer/Administrator (MCSE/MCSA), Certified Novel Administrator (CNA), Barracuda Application Delivery & Security Expert (ADSX) and Barracuda Certified Technician & Expert for NextGen Firewalls.