Mitigating data breach costs
IBM’s Cost of a Data Breach Report 2022 offers IT, risk management and security leaders a lens into factors that can increase or help mitigate the rising cost of data breaches. It is a global report comprising data from 17 countries and regions, and 17 industries.
The report covers the following countries and regions: the United States, Middle East, Canada, United Kingdom, Germany, Japan, France, Italy, South Korea, South Africa, Australia, ASEAN, Latin America, India, Scandinavia, Brazil, and Turkey.
Key findings from the report
The key findings are based on IBM Security analysis of research data compiled by Ponemon Institute.
| Key Findings | |
| USD 4.35 million | The average total cost of a data breach in 2022 |
| 83% | Percentage of organiations that have had more than one breach |
| USD 4.82 million | The average cost of a critical infrastructure data breach.Critical infrastructure organiations include financial services, industrial, technology, energy, transportation, communication, healthcare, education and public sectors. |
| USD 3.05 million | Average cost savings associated with fully deployed security AI and automation.On average, companies with fully deployed security AI and automation also experienced a 74-day shorter time to identify and contain the breach, known as the breach lifecycle, than those without security AI and automation. |
| USD 4.54 million | The average cost of a ransomware attack, not including the cost of the ransom itself. |
| 19% | Frequency of breaches caused by stolen or compromised credentials.Using stolen or compromised credentials remains the most common cause of a data breach and has an average cost of USD 4.50 million. |
| 59% | Percentage of organizations that don’t deploy zero trust. Organizations that don’t deploy zero trust incur an average ofUSD 1 million in greater breach costs compared to those thatdo deploy. |
| 45% | Share of breaches that occurred in the cloud.Breaches that happened in a hybrid cloud environment cost an average of USD 3.80 million, compared to USD 4.24 million for breaches in private clouds and USD 5.02 million for breaches in public clouds |
| USD 2.66 million | Average cost savings associated with an incident response (IR) team and regularly tested IR plan.Having an IR team and an IR plan that was regularly tested led to significant cost savings |
| 29 days | Savings in response time for those with extended detection and response (XDR) technologies |
| USD 9.44 million | The average breach cost in the United States is the highest in any country.The top five countries and regions with the highest average cost of a data breach were the United States at USD 9.44 million, the Middle East at USD 7.46 million, Canada at USD 5.64 million, the United Kingdom at USD 5.05 million and Germany at USD 4.85 million. |
Recommendations to help minimise the financial impacts of a data breach
- Adopt a zero trust security model to help prevent unauthorised access to sensitive data.
As organisations incorporate remote work and hybrid multicloud environments, a zero trust strategy can help protect data and resources by limiting their accessibility and requiring context.
- Protect sensitive data in cloud environments using policy and encryption
With the increasing amount and value of data being hosted in cloud environments, organizations should take steps to protect cloud-hosted databases. Some of the measures to take include:
● Protect sensitive information using data encryption and fully homomorphic encryption
● Use an internal framework for audits
● Evaluate risk across the enterprise
● Track compliance with governance requirements
- Invest in security orchestration, automation and response (SOAR), and XDR to help improve detection and response time.
SOAR and security information and event management (SIEM) software, managed detection and response services, and XDR (Extended Detection and Response) can help your organisation accelerate incident response with automation, process standardisation and integration with your existing security tools.
- Use tools that help protect and monitor endpoints and remote employees.
Unified endpoint management (UEM), endpoint detection and response (EDR) and identity and access management (IAM) products and services can help provide security teams with deeper visibility into suspicious activity.
- Create and test incident response playbooks to increase cyber resilience
Two of the most effective ways to mitigate the cost of a data breach are forming an incident response (IR) team and extensive testing of the IR plan.
Organizations can respond quickly to contain the fallout from a breach by establishing a detailed cyber incident playbook. Routinely test that plan through tabletop exercises or run a breach scenario in a simulated environment such as a cyber range.
Kenyan context
This week, the Office of the Data Protection Commissioner (ODPC) issued a press release relating to a planned audit of several Digital Credit Providers (DCPs) operating in Kenya. This followed complaints by the public that had been levelled against the DCPs relating to processing activities of personal data and data breaches.
In the press release, the ODPC announced that it had issued an enforcement notice against Aga Khan University Hospital following a data breach. The hospital has been further directed to outline specific measures it will take to mitigate or eliminate the breach.
The actions by the ODPC indicate the regulator’s willingness to flex its muscle to rein in non-compliant organisations. It is advisable that organisations that handle personal data put in place appropriate measures, including the recommendations set out in the 2022 IBM Cost of a Data Breach Report.