Prices are rising everywhere and the cost of a data breach is no exception.
According to the new IBM/Ponemon Cost of a Data Breach report, the average global overall cost of experiencing a data breach is now at an all-time high of $4.35 million, a 13% increase over the past two years.
It’s no surprise that data breaches, like everything else, keep getting more expensive. What is interesting, however, is that IBM suggests that the frequency and high cost of data breaches could be a factor in the rising prices of goods and services. That’s because 60% of organizations surveyed said they raised the price of their goods and services because of their data breach.
Breach costs for ransomware incidents have declined slightly, from $4.62 million in 2021 to $4.54 million this year, but are still higher than the overall average cost of a breach ($4.35 million). Ransomware makes up a greater portion of breaches this year, at 11% as opposed to 7.8% of breaches last year.
Ransomware attacks take longer to identify and contain than the overall average, at 326 days.
An interesting point when it comes to ransomware is that companies who paid the ransom saw only slightly lower overall breach costs than companies who didn’t pay. The difference was just $630,000, which doesn’t include the cost of the ransom payment. Given that ransom payments now commonly approach $1 million, companies should seriously assess whether paying the ransom will be worth it in the end.
Remote work saves orgs money in real estate costs, but it’s associated with higher data breach costs. The greater the percentage of employees working remotely, the higher the data breach costs. Organizations with over 80% of employees working remotely saw breach costs average $5.10 million, while those with 20% or fewer working remotely spent $3.99 million on average in a breach.
The much-publicized cyber skills gap affects orgs’ bottom line when applied to the cost of a data breach. Understaffed organizations report data breach costs of $550,000 more on average, and 62% of orgs say they are not sufficiently staffed.
Cloud migration is necessary for companies to continue to scale, grow and transform for the future, but it is associated with higher breach costs. Companies reporting a high level of cloud migration saw higher breach costs, at $5.63 million on average, compared to companies with a low level of cloud migration ($3.36 million).
This should not scare companies away from the cloud, however. The good news is that companies with high-level cloud migration and mature cloud security saw an average breach cost of just $3.87 million. To sum it up, move to the cloud, but do it securely.