According to a new IBM security report, the global average cost of data breaches reached $4.35 million in 2022 which is an all time high, following the cost of $4.24 million in 2021.
The annual report was conducted by Ponemon Institute and analyzed by IBM Security. The company analyzed data breaches occurred between March 2021 and March 2022 to 550 organizations across the world.
Ransomware At The Top Of The List
Ransomware and destructive attacks represented 28% of breaches among critical infrastructure organizations studied, indicating threat actors specifically targeting the sector for disrupting global supply chain. The critical infrastructure sector includes financial services, industrial, transportation, and healthcare companies.
Healthcare Is Still Being Hit the Hardest
Healthcare has been for the last 12 years and continues to be the industry hit hardest by the cost of breaches, with average costs per breach increasing by $1 million to a record total of $10.1 million.
Cloud Environments Not Adopting Security Practices
Forty-three percent of studied organizations are in the early stages or have not started applying security practices across their cloud environments, observing over $660,000 on average in higher breach costs than studied organizations with mature security across their cloud environments.
However, 45% of organizations which are adopting hybrid clouds, have experienced lower breach costs than the ones focusing only on public or private cloud models.
While the breach cost for hybrid cloud averaged $3.8 million, public clouds recorded $5.02 million while private clouds recorded $4.24 million in breach costs respectively.
Data Breach Average Cost By Country/Region
The top five countries or regions with the highest average cost of a data breach were:
1. The United States — USD 9.44 million
2. The Middle East — USD 7.46 million
3. Canada — USD 5.64 million
4. The United Kingdom — USD 5.05 million
5. Germany — USD 4.85 million
The Most Common Attack Vectors
he most common initial attack vector in 2022 was stolen or compromised credentials, responsible for 19% of breaches in the study, at an average cost of $4.50 million.