Consumers already pay the price for data breaches

A scenario of high inflation and low economic growth haunts several world regions. And who would say that, besides the already known supply crises and lack of employees responsible for part of this panorama, there is a new factor impacting the pockets of consumers? But, unfortunately, the data breaches are not so well known to the general public.

Yes, consumers are already paying the price resulting from data breach costs that have recently reached an all-time high. According to IBM’s “Cost of a Data Breach” report, 60% of businesses that fell victim to this type of attack raised the prices of their goods and services after the incidents.

With data breaches generating more significant financial losses and greater impact than ever, the worldwide average cost of these incidents reached US$4.35 million for the organizations studied. Moreover, in IBM’s view, these costs have grown by almost 13% over the past two years, suggesting that incidents may be contributing to the rising costs of goods and services.

What may be happening is something like a “long Covid”, paralleling the prolonged disease symptoms recorded in the pandemic”. The effects experienced by companies after breaches are growing over time – calculations show that around 50% of the costs of breaches come to light more than a year after the incidents.

The study also found that 83% of organizations surveyed have experienced more than one data breach event in their lifetime. Other findings from the survey are:

• Critical infrastructures lag in adopting Zero Trust strategies, which brings the average cost of breaches to $5.4 million – an increase of $1.17 million compared to those that do.

• Victims of ransomware attacks assessed in the survey who chose to pay the ransoms recorded just $610,000 less in average breach costs compared to those who decided not to spend – this does not include the cost of the ransom.

• Forty-three per cent of the organisations studied are in the early stages or have not even begun to apply cloud cybersecurity practices. They reported $660,000, on average, more in breach costs than surveyed organisations with a higher level of security maturity in cloud environments. The report highlighted that 45% of the breaches studied happened in the cloud, emphasising the importance of security on those premises.

• Artificial Intelligence and automation in cybersecurity lead as a facilitator of cost reductions by several million dollars. On average, organisations that deployed these features incurred $3.05 million less in breach costs compared to those studied that did not adopt these technologies—the most considerable cost savings observed in the study.

Phishing attacks are the most costly breach cause. While compromised credentials continue to reign as the most common reason (19%), phishing was the second (16%) and most expensive cause, generating $4.91 million in average breach costs for companies participating in the study.

Specifically, breach costs reached double digits among healthcare companies for the first time. Additionally, for the 12th consecutive year, members of this industry reported the most expensive breaches across industries, with average costs increasing by nearly $1 million to a record-breaking $10.1 million.

Another figure that drew attention comes from the fact that 62% of the organisations surveyed said they did not have enough staff to meet cybersecurity demands, with an average of $550,000 more in breach costs than those that said they had enough staff.

IBM’s Cost of a Data Breach 2022 Edition report used an in-depth analysis of real-world data breaches experienced by 550 organizations worldwide between March 2021 and March 2022. The research, sponsored and analyzed by IBM Security, was performed by the Ponemon Institute.