October 11, 2023 By Jonathan Reed 4 min read

Today, the pace of world change astounds us, and cybersecurity reflects that, unlike any other industry. The data from the last decade tells us an amazing — and sometimes troubling — story. In 2014, the average cost of a data breach was $3.5 million. Today, the average cost of a data breach has surged nearly 30% to $4.45 million per breach. Meanwhile, companies in the U.S. spend an average of $9.48 million per breach, according to the latest report.

As the threat landscape continues to evolve, what lessons can we learn from the past 10 years? What has changed? What has remained the same? To start, let’s review some of the most important trends and findings found in the Ponemon / IBM Cost of a Data Breach reports over the last decade.

What country has the highest data breach costs?

For 13 consecutive years, the United States has held the title for the highest average data breach cost. In 2013, the average total organizational cost of a breach in the U.S. was $5.4 million. But in 2023, the total swelled to $9.48 million per breach in the U.S., a whopping 75.5% increase. The Middle East was in second place with a cost per breach of $8.07 million. In third place, Canada had a cost of $5.13 million per breach.

The year 2017 was the first year when comprehensive global data was collected for the report. Since then, the top four regions (varying in order) in terms of cost per breach have been the United States, the Middle East, Canada and Germany, with the U.S. at the number one spot every year.

What industry has the highest data breach costs?

Healthcare has held the top spot for the cost of a data breach for the last 13 years. The 2023 report revealed that healthcare organizations spent $10.93 million per breach on average. For the majority of the reporting periods, financial and pharmaceuticals have held second and third place in the cost per industry.

Encryption isn’t enough anymore

The 2015 Cost of a Data Breach report was the first time a detailed breakdown was provided about mitigating factors for data breach costs. And from 2015 to 2019, the top two factors held a five-year winning streak. The leading factors during those years were the formation of an incident response (IR) team followed by the extensive use of encryption.

In 2020, things changed significantly. That year, encryption fell from the second most important factor to seventh place. Meanwhile, a new actor appeared in fourth place: the AI platform. And in 2022, AI was the leading factor that impacted the average total cost of a data breach. The DevSecOps approach also has risen in the ranks of importance, ranking first in the latest report.

In the most recent Cost of a Data Breach report, the use of extensive security AI and automation continues to demonstrate measurable benefits. On average, security AI and automation result in a 108-day shorter time to identify and contain the breach, as well as $1.76 million lower data breach costs.

Read the full report

Impact of Covid-19 on data breach costs

If there was a watershed moment in the last decade, it was the Covid-19 pandemic. The mass exodus to remote work during 2020 had a profound impact on cyber. As per the 2021 Cost of a Data Breach, the average cost grew by $1.07 million in breaches where remote work was a factor in causing the breach. Additionally, organizations with more than half of their employees working remotely took 58 days longer to identify and contain breaches.

As the pandemic impacted nearly every sector of society, organizations quickly came to grips with a new reality: the conventional notion of a perimeter was gone forever. However, solutions became available to improve protection in the era of the new, more fluid network perimeter.

For instance, the 2023 breach report revealed the value of attack surface management (ASM). ASM is a set of processes that aids in the discovery, analysis, remediation and monitoring of an organization’s potential attack surfaces or vulnerabilities. Organizations that deployed ASM were able to identify and contain data breaches in 25% less time compared to those without an ASM solution.

Data breach root causes and vectors

In the early days of the Cost of a Data Breach reports, root causes were divided into three categories. In 2013, the report revealed the ratios to be:

  • Malicious or criminal attack: 37%
  • System glitch: 29%
  • Human error: 35%.

Since then, malicious attacks increased to over 50%, while system glitches and human error each accounted for about a quarter of cases, as per the 2020 report. This was the last year the report broke down the data in this manner. The increased percentage of malicious attacks could be due to improved systems and less human error. But more likely, the increase is also due to the continued surge in cyber aggression against organizations worldwide.

As far as attack vectors go, phishing and stolen credentials rank high year after year. Since the pandemic, cloud misconfiguration has also risen as one of the most common initial attack vectors.

What about the Ukraine war?

How did the Ukraine war affect the cost of a data breach? It’s hard to extrapolate the impact of the conflict into real numbers. In fact, the Cost of a Data Breach reports never even mention the war. Surprisingly, this might be because it hasn’t become a major factor in breach costs worldwide.

Some experts expected an increased activity in state-sponsored attacks due to the ongoing conflict in Ukraine. But, a significant increase has not been observed globally. There has been some evidence of increased ideological or hacktivism attacks related to the geopolitical situation. But the war hasn’t made a dent in larger statistical terms, and this likely explains its absence in the Cost of a Data Breach report.

The rise of supply chain concerns

In the wake of the Solar Winds incident, a greater emphasis was placed on supply chain security. In the 2021 report, the term “supply chain” wasn’t even mentioned. But in 2022, all that changed. That year, it was reported that one-fifth of breaches in the study were the result of a supply chain compromise. And the average total cost of a supply chain compromise was $4.46 million.

The concern continues as the 2023 report notes that business partner supply chain compromises cost 11.8% more and take 12.8% longer to identify and contain than other breach types.

What’s next?

The last 10 years have been tumultuous, to say the least. With the rise of AI and quantum computing on the horizon, what will the next 10 years of cyber have in store for us? One thing is guaranteed: it’s unpredictable.

More from Data Protection

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today