Average data breach now costs record $4.35 million

Most organizations report multiple data breaches

The average cost of a data breach hit an all-time high of $4.35 million this year, up 2.6% from a year ago and 12.7% from 2020, according to 2022 Cost of a Data Breach Report conducted by Ponemon Institute and IBM Security.

The report reveals that 83% of organizations have experienced more than one data breach, while only 17% said this was their first data breach. For those experience a breach, 60% said they increased the prices of goods and services as a result of losses from the breach.

Most organizations are now using security AI and automation, with 70% now deploying it, up from 59% in 2020. Those that reported full deployment experienced breach costs that were $3.05 million less than those without it. Those with AI security also saw a data breach lifecycle that was 74 days shorter than the average of those without it.

In health care, breach costs increased 42%, growing from $7.13 million in 2020 to $10.10 million in 2022. Health care has been the highest cost industry for 12 years in a row.

The good news is the average cost of a ransomware attack – not including the ransom payment – went down slightly in 2022, from $4.62 million to $4.54 million. The share of breaches by ransomware grew from 7.8% in 2021, to 11% in 2022, a growth rate of 41%.