October 11, 2023 By Jonathan Reed 4 min read

Today, the pace of world change astounds us, and cybersecurity reflects that, unlike any other industry. The data from the last decade tells us an amazing — and sometimes troubling — story. In 2014, the average cost of a data breach was $3.5 million. Today, the average cost of a data breach has surged nearly 30% to $4.45 million per breach. Meanwhile, companies in the U.S. spend an average of $9.48 million per breach, according to the latest report.

As the threat landscape continues to evolve, what lessons can we learn from the past 10 years? What has changed? What has remained the same? To start, let’s review some of the most important trends and findings found in the Ponemon / IBM Cost of a Data Breach reports over the last decade.

What country has the highest data breach costs?

For 13 consecutive years, the United States has held the title for the highest average data breach cost. In 2013, the average total organizational cost of a breach in the U.S. was $5.4 million. But in 2023, the total swelled to $9.48 million per breach in the U.S., a whopping 75.5% increase. The Middle East was in second place with a cost per breach of $8.07 million. In third place, Canada had a cost of $5.13 million per breach.

The year 2017 was the first year when comprehensive global data was collected for the report. Since then, the top four regions (varying in order) in terms of cost per breach have been the United States, the Middle East, Canada and Germany, with the U.S. at the number one spot every year.

What industry has the highest data breach costs?

Healthcare has held the top spot for the cost of a data breach for the last 13 years. The 2023 report revealed that healthcare organizations spent $10.93 million per breach on average. For the majority of the reporting periods, financial and pharmaceuticals have held second and third place in the cost per industry.

Encryption isn’t enough anymore

The 2015 Cost of a Data Breach report was the first time a detailed breakdown was provided about mitigating factors for data breach costs. And from 2015 to 2019, the top two factors held a five-year winning streak. The leading factors during those years were the formation of an incident response (IR) team followed by the extensive use of encryption.

In 2020, things changed significantly. That year, encryption fell from the second most important factor to seventh place. Meanwhile, a new actor appeared in fourth place: the AI platform. And in 2022, AI was the leading factor that impacted the average total cost of a data breach. The DevSecOps approach also has risen in the ranks of importance, ranking first in the latest report.

In the most recent Cost of a Data Breach report, the use of extensive security AI and automation continues to demonstrate measurable benefits. On average, security AI and automation result in a 108-day shorter time to identify and contain the breach, as well as $1.76 million lower data breach costs.

Read the full report

Impact of Covid-19 on data breach costs

If there was a watershed moment in the last decade, it was the Covid-19 pandemic. The mass exodus to remote work during 2020 had a profound impact on cyber. As per the 2021 Cost of a Data Breach, the average cost grew by $1.07 million in breaches where remote work was a factor in causing the breach. Additionally, organizations with more than half of their employees working remotely took 58 days longer to identify and contain breaches.

As the pandemic impacted nearly every sector of society, organizations quickly came to grips with a new reality: the conventional notion of a perimeter was gone forever. However, solutions became available to improve protection in the era of the new, more fluid network perimeter.

For instance, the 2023 breach report revealed the value of attack surface management (ASM). ASM is a set of processes that aids in the discovery, analysis, remediation and monitoring of an organization’s potential attack surfaces or vulnerabilities. Organizations that deployed ASM were able to identify and contain data breaches in 25% less time compared to those without an ASM solution.

Data breach root causes and vectors

In the early days of the Cost of a Data Breach reports, root causes were divided into three categories. In 2013, the report revealed the ratios to be:

  • Malicious or criminal attack: 37%
  • System glitch: 29%
  • Human error: 35%.

Since then, malicious attacks increased to over 50%, while system glitches and human error each accounted for about a quarter of cases, as per the 2020 report. This was the last year the report broke down the data in this manner. The increased percentage of malicious attacks could be due to improved systems and less human error. But more likely, the increase is also due to the continued surge in cyber aggression against organizations worldwide.

As far as attack vectors go, phishing and stolen credentials rank high year after year. Since the pandemic, cloud misconfiguration has also risen as one of the most common initial attack vectors.

What about the Ukraine war?

How did the Ukraine war affect the cost of a data breach? It’s hard to extrapolate the impact of the conflict into real numbers. In fact, the Cost of a Data Breach reports never even mention the war. Surprisingly, this might be because it hasn’t become a major factor in breach costs worldwide.

Some experts expected an increased activity in state-sponsored attacks due to the ongoing conflict in Ukraine. But, a significant increase has not been observed globally. There has been some evidence of increased ideological or hacktivism attacks related to the geopolitical situation. But the war hasn’t made a dent in larger statistical terms, and this likely explains its absence in the Cost of a Data Breach report.

The rise of supply chain concerns

In the wake of the Solar Winds incident, a greater emphasis was placed on supply chain security. In the 2021 report, the term “supply chain” wasn’t even mentioned. But in 2022, all that changed. That year, it was reported that one-fifth of breaches in the study were the result of a supply chain compromise. And the average total cost of a supply chain compromise was $4.46 million.

The concern continues as the 2023 report notes that business partner supply chain compromises cost 11.8% more and take 12.8% longer to identify and contain than other breach types.

What’s next?

The last 10 years have been tumultuous, to say the least. With the rise of AI and quantum computing on the horizon, what will the next 10 years of cyber have in store for us? One thing is guaranteed: it’s unpredictable.

More from Data Protection

Third-party access: The overlooked risk to your data protection plan

2 min read - A recent IBM Cost of a Data Breach report reveals a startling statistic: Only 42% of companies discover breaches through their own security teams. This highlights a significant blind spot, especially when it comes to external partners and vendors.The financial stakes are steep. On average, a data breach affecting multiple environments costs a whopping $4.88 million. A major breach at a telecommunications provider in January 2023 served as a stark reminder of the risks associated with third-party relationships. In this…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today