October 13, 2022 By Jonathan Reed 4 min read

Geopolitical conflict, inflation, job market pressure, rising debt — we’ve been hearing about economic headwinds for a while now. Could data breaches have anything to do with this?

According to a recent IBM report, the average cost of a data breach has reached an all-time high. Like any other business liability, these costs must be absorbed somehow. Given the rising risk and costs, cyberattacks have undoubtedly evolved into market stressors. The magnitude of the problem might surprise you.

Despite the undeniable challenges, there are effective methods to minimize the impact of a data breach. Let’s find out how.

Staggering numbers

We can look at the numbers to measure the impact of data breaches on economic instability. According to the IBM Cost of a Data Breach 2022 Report, the data breach average cost increased 2.6% from $4.24 million in 2021 to $4.35 million in 2022. This is also a 12.7% increase in cost from $3.86 million in the 2020 report.

Meanwhile, the UNCDF states that “the economic cost of information and technology asset security breaches in 2020 was a staggering USD 4-6 trillion, equivalent to about 4-6% of global GDP.” This translates into a $4.5 trillion impact in 2020. If the percentages stay roughly the same, the total cost will be approximately $5.2 trillion in 2022.

War makes markets unstable

When the war in Ukraine began, it sent shockwaves throughout global markets. The ripple effect continues to this day. The cyber war front has also heated up, resulting in a hybrid war effect.

The CyberPeace Institute states that:

“Cyberattacks on infrastructure such as energy, water, healthcare, financial institutions, transport and communication services can have devastating consequences on the civilian population…. Beyond the risks to critical infrastructure and civilian objects, cyberattacks sow distrust, limit access to accurate information or spread false information. They can also be highly disruptive and create a sense of fear and uncertainty and even lead to the eventual displacement of people.”

Direct consequences of incidents include a sense of fear and uncertainty. This leads to disruption at all levels of society, including the business and financial markets.

Absorbing the cost of a breach

The cost of breaches has clearly impacted the macroeconomy. Meanwhile, every organization sits down at least once a year to calculate its budget. Today, strong security has become mission-critical. Business leaders face tough choices as the cost of data breaches continues to rise. If the cost of business increases due to security concerns, then goods and service prices will also rise.

When costs go up, companies may also respond by reducing their employee headcount. It’s difficult to measure how much security issues affect employment figures. But if trillions of dollars are being lost due to attacks, people might also lose their jobs due to breaches.

Explore the Report 

Business uncertainty

Let’s say you own or run a company. How do you assess the risk? What steps do you take, given the large potential downside involved? Can you afford to spend $4.35 million on a data breach? What if you have more than one incident? In the IBM study, 83% of organizations reported having had more than one data breach.

This uneasiness forces decision makers to choose. Do you invest in stronger security? Do you increase prices just in case? Either way, the economic impact is real. In fact, the IBM report revealed that 60% of organizations’ breaches led to increases in prices passed on to customers.

Do the right thing

Despite the danger and unpredictability, companies should treat the risk of a breach like any other business risk. Risk comes with a cost and with ways to mitigate any potential damage. Directors and officers are obliged to creditors, shareholders and customers to preserve and protect business and IT assets.

Every organization, from corporations to police stations to schools to health care, is at risk. The new reality is that cybersecurity should be part of your core organizational strategy. It cannot be a second-tier priority any longer. Relying on audits, weak security add-ons and a memo now and then won’t protect your organization.

Increasingly, governments are calling for more responsible security in the public and private sectors. Security controls include management, operational and technical measures to protect the confidentiality, availability and integrity of information and technology assets.

Be prepared

The most effective attacks continue to trick people into giving up some kind of access. From there, actors sneak into systems to find or install backdoors. Attack kits and ransomware are even being sold for as-a-service.

Still, some methods can turn the tide in your favor. For instance, the IBM report revealed that breaches at organizations with fully deployed security AI and automation cost $3.05 million less than breaches at organizations with no security AI and automation deployed. This 65.2% difference in average breach cost represented the largest cost savings in the study.

Companies with fully deployed security AI and automation also experienced, on average, a 74-day shorter time to identify and contain the breach compared to those without security AI and automation.

Other factors mentioned in the report that positively impact incident response include:

  • Incident response (IR) team and regularly tested IR plan: Businesses with an IR team that tested their IR plan saw an average of $2.66 million lower breach costs.
  • Extended detection and response (XDR) technologies: Those organizations with XDR deployed shortened the breach lifecycle by 29 days on average.
  • Risk quantification: By looking at impacts, including financial impacts, availability of data and data integrity, companies can save $2.1 million on average.

Room for optimism

The threat landscape continues to increase in complexity, and the stakes are high. Security has a significant impact on the global economy. But there is hope. Effective security methods are available; it’s up to organizations to take the proper steps to minimize the damage and the costs.

More from Data Protection

The compelling need for cloud-native data protection

4 min read - Cloud environments were frequent targets for cyber attackers in 2023. Eighty-two percent of breaches that involved data stored in the cloud were in public, private or multi-cloud environments. Attackers gained the most access to multi-cloud environments, with 39% of breaches spanning multi-cloud environments because of the more complicated security issues. The cost of these cloud breaches totaled $4.75 million, higher than the average cost of $4.45 million for all data breaches.The reason for this high cost is not only the…

Data residency: What is it and why it is important?

3 min read - Data residency is a hot topic, especially for cloud data. The reason is multi-faceted, but the focus has been driven by the General Data Protection Regulation (GDPR), which governs information privacy in the European Union and the European Economic Area.The GDPR defines the requirement that users’ personal data and privacy be adequately protected by organizations that gather, process and store that data. After the GDPR rolled out, other countries such as Australia, Brazil, Canada, Japan, South Africa and the UAE…

Third-party breaches hit 90% of top global energy companies

3 min read - A new report from SecurityScorecard reveals a startling trend among the world’s top energy companies, with 90% suffering from data breaches through third parties over the last year. This statistic is particularly concerning given the crucial function these companies serve in everyday life.Their increased dependence on digital systems facilitates the increase in attacks on infrastructure networks. This sheds light on the need for these energy companies to adopt a proactive approach to securing their networks and customer information.2023 industry recap:…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today