October 13, 2022 By Jonathan Reed 4 min read

Geopolitical conflict, inflation, job market pressure, rising debt — we’ve been hearing about economic headwinds for a while now. Could data breaches have anything to do with this?

According to a recent IBM report, the average cost of a data breach has reached an all-time high. Like any other business liability, these costs must be absorbed somehow. Given the rising risk and costs, cyberattacks have undoubtedly evolved into market stressors. The magnitude of the problem might surprise you.

Despite the undeniable challenges, there are effective methods to minimize the impact of a data breach. Let’s find out how.

Staggering numbers

We can look at the numbers to measure the impact of data breaches on economic instability. According to the IBM Cost of a Data Breach 2022 Report, the data breach average cost increased 2.6% from $4.24 million in 2021 to $4.35 million in 2022. This is also a 12.7% increase in cost from $3.86 million in the 2020 report.

Meanwhile, the UNCDF states that “the economic cost of information and technology asset security breaches in 2020 was a staggering USD 4-6 trillion, equivalent to about 4-6% of global GDP.” This translates into a $4.5 trillion impact in 2020. If the percentages stay roughly the same, the total cost will be approximately $5.2 trillion in 2022.

War makes markets unstable

When the war in Ukraine began, it sent shockwaves throughout global markets. The ripple effect continues to this day. The cyber war front has also heated up, resulting in a hybrid war effect.

The CyberPeace Institute states that:

“Cyberattacks on infrastructure such as energy, water, healthcare, financial institutions, transport and communication services can have devastating consequences on the civilian population…. Beyond the risks to critical infrastructure and civilian objects, cyberattacks sow distrust, limit access to accurate information or spread false information. They can also be highly disruptive and create a sense of fear and uncertainty and even lead to the eventual displacement of people.”

Direct consequences of incidents include a sense of fear and uncertainty. This leads to disruption at all levels of society, including the business and financial markets.

Absorbing the cost of a breach

The cost of breaches has clearly impacted the macroeconomy. Meanwhile, every organization sits down at least once a year to calculate its budget. Today, strong security has become mission-critical. Business leaders face tough choices as the cost of data breaches continues to rise. If the cost of business increases due to security concerns, then goods and service prices will also rise.

When costs go up, companies may also respond by reducing their employee headcount. It’s difficult to measure how much security issues affect employment figures. But if trillions of dollars are being lost due to attacks, people might also lose their jobs due to breaches.

Explore the Report 

Business uncertainty

Let’s say you own or run a company. How do you assess the risk? What steps do you take, given the large potential downside involved? Can you afford to spend $4.35 million on a data breach? What if you have more than one incident? In the IBM study, 83% of organizations reported having had more than one data breach.

This uneasiness forces decision makers to choose. Do you invest in stronger security? Do you increase prices just in case? Either way, the economic impact is real. In fact, the IBM report revealed that 60% of organizations’ breaches led to increases in prices passed on to customers.

Do the right thing

Despite the danger and unpredictability, companies should treat the risk of a breach like any other business risk. Risk comes with a cost and with ways to mitigate any potential damage. Directors and officers are obliged to creditors, shareholders and customers to preserve and protect business and IT assets.

Every organization, from corporations to police stations to schools to health care, is at risk. The new reality is that cybersecurity should be part of your core organizational strategy. It cannot be a second-tier priority any longer. Relying on audits, weak security add-ons and a memo now and then won’t protect your organization.

Increasingly, governments are calling for more responsible security in the public and private sectors. Security controls include management, operational and technical measures to protect the confidentiality, availability and integrity of information and technology assets.

Be prepared

The most effective attacks continue to trick people into giving up some kind of access. From there, actors sneak into systems to find or install backdoors. Attack kits and ransomware are even being sold for as-a-service.

Still, some methods can turn the tide in your favor. For instance, the IBM report revealed that breaches at organizations with fully deployed security AI and automation cost $3.05 million less than breaches at organizations with no security AI and automation deployed. This 65.2% difference in average breach cost represented the largest cost savings in the study.

Companies with fully deployed security AI and automation also experienced, on average, a 74-day shorter time to identify and contain the breach compared to those without security AI and automation.

Other factors mentioned in the report that positively impact incident response include:

  • Incident response (IR) team and regularly tested IR plan: Businesses with an IR team that tested their IR plan saw an average of $2.66 million lower breach costs.
  • Extended detection and response (XDR) technologies: Those organizations with XDR deployed shortened the breach lifecycle by 29 days on average.
  • Risk quantification: By looking at impacts, including financial impacts, availability of data and data integrity, companies can save $2.1 million on average.

Room for optimism

The threat landscape continues to increase in complexity, and the stakes are high. Security has a significant impact on the global economy. But there is hope. Effective security methods are available; it’s up to organizations to take the proper steps to minimize the damage and the costs.

More from Data Protection

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today