What is the Cost of a Data Breach in 2022?

Abi Tyas Tunggal
Abi Tyas Tunggal
updated Sep 02, 2022

In 2022, the average cost of a data breach has reached a record high of US$4.35 million, according to the 2022 cost of a data breach report by IBM and the Ponemon institute.

The report by Ponemon Institute and IBM Security takes into account hundreds of cost factors from legal, regulatory, and technical activities, loss of brand equity, customer turnover, and drain on employee productivity.

Its findings are based on 550 breaches across 17 countries and 17 industries with data gathered from over 3,600 interviews.

In this post, we summarize the critical findings of the report to help you align your data security and data breach prevention strategies against the key risk factors in 2022.

17 Key findings of the 2022 IBM Cost of Data Breach Report

The 17th cost of a data breach report by IBM and the Ponemon institute had 13 key findings:

1. Average Total Data Breach Cost Increase By 2.6%

The yearly average data breach cost increased the most between the year's 2020 and 2021 - a spike likely influenced by the COVID-19 pandemic.

YOY difference of average data breach costs

The average data breach costs in 2022 is $4.35 million, a 2.6% rise from 2021 amount of $4.24 million.

average cost of a data breach across four segments

2. Average Breach Cost was almost USD 1 Million Where Remote Work was a Factor

Organizations adopting some form of a remote working model paid an average of US$ 4.99 million for data breach damages, almost US$ 1 million more than organzations where remote work is not a factor.

average cost of a data breach where remote work was a factor in 2022

3. The Cost of a Data Breach was the Highest in the Healthcare Industry (again)

For the twelfth consecutive year, the healthcare industry has the highest data breach costs. In 2022, the healthcare industry is paying an average of US$ 10.10 million for a data breach, 9.4% more than the figure in 2021.

Average cost of data breach by industry

4. Lost Business Was Not the Primary Factor of Data Breach Costs.

Lost business costs actually decreased for the first time in 6 years, removing this category from its reputable position as the primary factor influencing data breach costs. Lost business costs in 2022 totalled USD 1.42 million, compared to USD 1.59 million in 2021.

5. Compromised Credentials was the Most Common Initial Attack Vector in 2022

Compromised credentials, such as compromised business emails, facilitated 19% of data breaches. Comparing this data to 2021 results, reveals a concerning upward trend of data breach costs caused by compromised third-party vendors. Data breach costs involving third-party breaches as the initial attack vector rose from US$ 4.33 million in 2021 to US$ 4.55 million The greatest increase was associated with system errors, which increase by $480,000.

Four initial attack vector experienced a decrease in associated breach damage costs - business email compromise, social engineering, accidental data loss, and malicious insider, which experienced the largest cost difference.

Learn more about estimating the financial impacts of cyber risks.

difference between data breach costs for initial attack vectors

The top 5 most expensive data breach attack vectors in 2021 are:

  • Business email compromise - $4.89 million (compared to $5.01 million in 2021).
  • Phishing - $4.91 million (compared to $4.65 million in 2021).
  • Malicious insiders - $4.18 million (compared to $4.61 million in 2021).
  • Social engineering criminal attacks - $4.10 million (compared to $4.47 million in 2021).
  • Vulnerabilities in third-party software - $4.55 million (compared to $4.33 million in 2021).

Click here to get a free preliminary evalutaion of your organization's data breach risk.

7. Average Number of Data to Identify and Contain a Breach was 277

The longer a breach remains undetected, the higher the financial impact will be. The new average of 277 days is 10 days less than 2021 results. Note that average data breach costs still increased despite the slight decrease in detection times.

Ransomware breaches are the hardest to detect, taking about 49 days longer; and supply chain breaches took about 26 days longer to detect. The significant impact of threat detection time on data breach damage costs highlights the importance of efficient risk remediation planning.

average time to identify and contain a data breach each year

8. XDR Technology Reduced the Data Breach Lifecycle to 29 Days

Organizations that deployed an XDR solution compressed the data breach lifecycle to just 29 days. In other words, With XDR technology, organizations can respond to a breach event in less than a month, compared, compared to 10 months (or 304 days) for organizations with XDR technology.

9. Mega Breach Damage Costs Decreased

Damage costs across 6 categories of mega breaches decreased compared to 2021 results, with the exception of breaches in the 20 - 30 million record category which increased slightly by US$ 11 million.

average cost of mega breaches in 2022

10. Zero Trust Strategies Reduced the Average Cost of a Data Breach by $1.76 Million

Companies that implemented a zero-trust architecture paid an average of US$ 4.15 million for a data breach. Those without zero trust strategies paid $1.76 million more - US$ 5.10 million.

impact of zero trust on average data breach cost

11. Security AI and Automation Controls Reduced Data Breach Costs by 70%

Security AI and automation controls helped businesses detect and contain data breaches much faster, pushing damage costs down. Organizations with fully deployed security and AI automation paid and average of US$ 3.05 million for data breach damages, US$ 1.3 million less than the global average across all security environments, and they detected breaches faster - 249 days compared to 323 days with no AI and automation solutions.

It seems that more organizations are recognising the security and cost benefits of AI mechanisms and automation efforts. Instances of fully deployed AI and automation systems increased from 25% in 2021 to 31% in 2022.

The effectiveness of intelligent Incident Response planning has been further highlighted in the 2022 report. The formation of an IR team is one of the top three factors minimizing data breach costs - a finding that's further explored in point 15 below.

Average data breach costs with security and ai automation fully deployed
Impact of key factors on data breach costs in 2022

Click here to get a free preliminary evalutaion of your organization's data breach risk.

12. Data Breaches in Hybrid Cloud Environments Cost $440,000 Million Less than Public, Private, and On-Premise Cloud Models

Hybrid cloud environment data breaches cost an average of US$ 3.80 million, compared to US$ 4.24 million in a private cloud environment.

13. Organizations with High Compliance Failures Paid an Average of $1.22 Million More for Data Breaches

Both system complexity and degree of compliance failures contributed to the higher cost of data breaches.

Learn more about compliance monitoring.

14. Average Cost of a Ransomware Breach was $4.54 Million

The average cost of a ransomware breach cost more than the average cost of a data breach - US$ 4.54 million compared to $4.35 million.

8% of analyzed breaches in this report were caused by ransomware attacks, compared to 7.8% in 2021.

Learn the difference between a ransomware attack and a data breach.

15. Organizations with an Incident Response Plan Significantly Reduced Data Breach Costs

Organizations with a well designed Incident Response Plan reduced data breach damage costs by 61%, paying a US% 2.66 million less than the global average.

Learn how to design an effective Incident Response Plan.

average cost of a data breach with incident response team and incident plan testing in 2022

16. The average costs of a critical infrastructure data breach is $4.82 million

Critical infrastructures pay about US$ 1 million more for a data breach compared to other industries. Ransomware attacks also appear to be increasing in this sector. The report found that 28% of surveyed critical infrastructures suffered a destructive ransomware attack.

Ransomware attacks were responsible for 11% of breaches in the 2022 report.

Click here to get a free preliminary evalutaion of your organization's data breach risk.

17. Supply chain attacks took 26 days longer to identify

Supply chain attacks - breaches that are facilities by a compromised third-party vendor, are becoming a critical problem. For the first time in the history this annual data breach report, supply chain compromise events were considered. it was discovered that almost 20% of all analyzed breaches in this report were caused by compromised third-party vendors in the supply chain.

Due to the increased complexity of these events, supply chain breaches took 26 days longer to detect than the global average data breach lifecycle. They also costs more, US$ 4.46 million compared to the global average of $4.35 million

Learn how to mitigate the impact of a supply chain attack in 2022.

average cost of a data breach for a supply chain compromise

What was the Biggest Contributor to Data Breach Costs in 2022?

Time was found to be the biggest contributor to data breach costs. This makes sense, the longer a breach remains undetected the more sensitive data can be exfiltrated by cybercriminals.

The negative financial impact of delayed remediation further compounds when business is lost due to system outages and customer turnover.

Organizations should set a breach detection threshold of 200 days. Events that were detected within a 200 day lifecycle had an average damage costs of US$ 3.74 million, compared to US$ 4.86 for events with a lifecycle of more than 200 days.

average cost of a data breach based on data breach lifecycle

How Long Do Data Breaches Impact Organizations?

Data breach costs accrue over several years. The 2022 cost of a data breach study found that, on average, 52% of data breach costs were incurred in the first year, 29% in the second year, and 19% more than 2 years after the event.

Average Distribution of Data Breach Costs in Low vs. High Regulation Environments

Organizations in highly regulated industries, such as healthcare organizations and financial services, suffered the worst long-tail costs with the cost of a breach rising in the second and third years compared to low-regulated industries.

High data protection regulatory environments incurred 45% of breach costs in the first year, 31% in the second year, and 24% more than 2 years after a breach.

This is likely driven by new regulatory fines and the introduction of breach notification laws like GDPR.

Learn how to manage regulatory risk in cybersecurity.

How Long was the Average Breach Lifecycle?

A breach lifecycle is the time between a data breach occurring and its containment.

In 2021, it took an average of 212 days to identify a breach and 75 days to contain it; amounting to a 287 day breach lifecycle.

In 2022, the average time to identify a breach is 207 days, and the average time to contain it is 70 days; totalling a 277 day breach lifecycle - a drop of 10 days compared to 2021 data.

The faster a data breach is identified and contained, the lower the damage costs.

Click here to learn how strategic remediation planning can help you lower the data breach lifecycle.

What is the Average Cost of a Data Breach by Country?

Data breaches in the United States continue to be vastly more expensive than other countries, with an average total of US$ 9.44 million (more than double the global average).

The Middle East is the second most expensive region for data breaches, averaging US$ 6.46 million in 2022.

Canada is ranked third with an average data breach cost of US$ 5.64 million in 2022.

Average Cost of a Data Breach by Country in 2022

UpGuard Can Help You Prevent Data Breaches and Shut Down Data Leaks in 2022

UpGuard prevents data breaches by detecting and remediating vulnerabilities across the attack surface before they're discovered by cybercriminals. This attack surface monitoring engine extends to the entire third-party landscape, even shutting down data leaks before they develop into costly third-party breaches and supply chain attacks.

Click here to get a free preliminary evalutaion of your organization's data breach risk.

Free eBook

Executive's Guide to Managing Cyber Risk

Learn how you, as an executive, can manage cyber risk across your organization.
UpGuard logo in white
Executive's Guide to Managing Cyber Risk
UpGuard free resources available for download
Learn more

Download our free ebooks and whitepapers

Insights on cybersecurity and vendor risk management.
UpGuard logo in white
eBooks, Reports & Whitepapers
UpGuard free resources available for download
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

See UpGuard In Action

Book a free, personalized onboarding call with one of our cybersecurity experts.
Deliver icon

Sign up to our newsletter

Get the latest curated cybersecurity news, breaches, events and updates in your inbox every week.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan rating