Price hike for consumers as data breach costs rocket to all-time high

IBM logo on a brown background

Organisations are passing costs onto customers as the price of data breaches has hit an all-time high, the latest research from IBM Security has found.

Around 60% of studied businesses raised their product or services prices post-breach, as the global average cost of a data attack hit a record $4.35 million, according to the firm’s 2022 Cost of Data Breach Report.


Storage's role in addressing the challenges of ensuring cyber resilience

Understanding the role of data storage in cyber resiliency


Sponsored by IBM Security and conducted by the Ponemon Institute, the report is based on an in-depth analysis of data breaches experienced by 550 organisations around the world between March 2021 and March 2022.

It found that 83% of them have experienced more than one data breach in their lifetime, while the after-effects of such attacks appear to linger over the long term – with almost 50% of costs incurred more than a year after the initial breach.

In terms of zero trust, critical infrastructure has been found wanting. The report discovered that 80% of critical infrastructure organisations studied do not adopt zero trust strategies, equating to an average breach cost of $5.4 million – a $1.17 million increase over those that do.

Ransomware and destructive attacks represented 28% of breaches amongst these critical infrastructure organisations, with threat actors seeking to fracture the global supply chains that rely on these organisations, IBM said.

Those that paid the ransom found little success, either. Victims that opted to give in to the attackers’ demands saw only $610,000 less in average breach costs when compared to those that did not pay, not including the cost of the ransom.

When factoring in the high cost of ransom payments, IBM noted that the financial toll “may rise even higher”, rendering the strategy of paying up not very effective.

Muddying the waters further, 43% of organisations were found to be in the early stages of or had not yet started applying security practices across their cloud environments, adding an average of $660,000 in breach costs.

By contrast, those fully deploying security and AI automation incurred $3.05 million less costs on average compared to organisations that did not utilise the technology, making it the biggest cost save in the study, IBM revealed.

Additionally, the data showed phishing to be the costliest breach cause, leading to £4.91 million in average costs for responding organisations. It was also the second most common cause (16%), just behind compromised credentials (19%).

Charles Henderson, global head of IBM Security X-Force, said businesses need to “put their security defenses on the offense” to better protect against attackers.

“It’s time to stop the adversary from achieving their objectives and start to minimise the impact of attacks,” he said. “The more businesses try to perfect their perimeter instead of investing in detection and response, the more breaches can fuel cost of living increases.

“This report shows that the right strategies coupled with the right technologies can help make all the difference when businesses are attacked.”

Daniel Todd

Dan is a freelance writer and regular contributor to ChannelPro, covering the latest news stories across the IT, technology, and channel landscapes. Topics regularly cover cloud technologies, cyber security, software and operating system guides, and the latest mergers and acquisitions.

A journalism graduate from Leeds Beckett University, he combines a passion for the written word with a keen interest in the latest technology and its influence in an increasingly connected world.

He started writing for ChannelPro back in 2016, focusing on a mixture of news and technology guides, before becoming a regular contributor to ITPro. Elsewhere, he has previously written news and features across a range of other topics, including sport, music, and general news.