Download our FREE whitepaper on data loss prevention best practices. Download Now

The Cost of a Data Breach in 2023

The Cost of a Data Breach in 2023

Posted byCristina Pop Posted inData Loss Prevention

The average cost of a data breach continues to rise as companies deal with the fallout from unauthorized access to, or leaks of, sensitive information. The latest version of IBM’s eagerly anticipated Cost of a Data Breach Report 2023 puts the figure at $4.45 million on average per breach. With a 15 percent increase in data breach costs in just three years, this article delves into the details of IBM’s 2023 report and unpacks some of the most interesting and actionable insights.

Data Breaches: A Brief Refresher

Before getting to the report, it’s worth a reminder that a data breach incident occurs when there is unauthorized access, disclosure, or use of sensitive or confidential information. While often associated with cybercrime and stolen information, data breaches encompass accidental exposure of information as well. Common types of data compromised in breach incidents include:

  • Personal Identifiable Information (PII) like names, addresses, Social Security numbers, driver’s license information, and dates of birth that cybercriminals use for identity theft.
  • Financial information like credit card numbers, bank account numbers, etc.
  • Login credentials, including usernames and passwords for various online services like eBay, Amazon, and Yahoo, often get compromised and made available for sale on the dark web where anyone can buy the credentials via Bitcoin or another cryptocurrency.
  • Customer data and user data like purchase history, personal preferences, phone numbers, social media, and behavioral data about user accounts.

The methodology IBM uses to calculate the cost of a breach in its annual report is activity-based. This method accounts for cost factors like detecting the breach, issuing notifications to affected parties, minimizing lost business in the post-breach window, and potential regulatory fines for violations of data protection laws.

Initial Attack Vectors in Data Breaches

The 2023 report presents findings about initial attack vectors organized into both frequency and cost. The two most common initial attack vectors in the analyzed data breaches were phishing and stolen/compromised credentials. Phishing attacks fall into the wider umbrella of social engineering attacks that use various types of psychological manipulation to break into systems and user accounts. Stolen credentials can bypass authentication mechanisms, although sometimes hackers compromise credentials when users don’t set strong passwords.

Two new initial attack vectors included by IBM for the first time in 2023 are unknown (zero-day) and known vulnerabilities. While zero-days are harder to find, they were actually more commonly exploited in data breaches than known vulnerabilities. Usually, more advanced hackers like Russian-sponsored APT groups exploit zero-days and install special malware known as backdoors that help them covertly snoop on and access sensitive internal communications, trade secrets, and more.

But it’s not just crafty hackers and cybercriminals who cause these security breaches – accidental data loss or lost/stolen devices and cloud misconfiguration were prominent initial attack vectors that led to sensitive data access or data leaks. Robust information security depends equally on technology, process, and user training and awareness to minimize the risk of unintentional data loss or exposure.

Interestingly, when breaking down the cost of a breach per initial attack vector, security incidents involving malicious insiders top the list at $4.9 million. These higher costs from malicious actors covertly stealing or transferring data out of companies perhaps reflect the fact that cyberattacks from within are often harder to detect and contain. Digging further into the data reveals that containing a data breach caused by a malicious insider took around 10 months on average.

Main Attack Types in Data Breaches

The initial attack vector describes how computer systems get first breached or how data gets compromised. But the report also describes in more detail the different types of malicious cyber attacks that caused data breaches. For 2023, ransomware accounted for 24 percent of malicious cyber attacks that caused data breaches. Threat actors opt for ransomware attacks that involve stealing data because they can demand more money when they use stolen data to blackmail companies.

The second most common type of attack in 2023 was what IBM calls, “destructive attacks.” The definition of a destructive attack is that these render systems inoperable. Distributed denial of service (DDoS attacks) that overwhelm servers with traffic fall into this category. In total, destructive attacks were the most commonly seen in data breaches at 25 percent.

Data Breach Costs by Industry

Cybersecurity leaders and decision-makers often skip straight to the industry demographics of IBM’s report to see how the trends look in their specific sectors. In 2023, breaches of confidential information financially hit organizations most often in the following four sectors:

  1. Healthcare
  2. Financial Services
  3. Pharmaceutical
  4. Energy

These results call to mind high-profile data breaches in previous years, including hotel chain Marriott in the services sector, Verizon in technology, and Equifax in the financial sector.

Reducing the Cost of a Data Breach

Here are some useful takeaways from the report for reducing the cost of a data breach:

  • Practicing incident response is vital in minimizing the time to contain a breach and ultimately reducing costs. This means having a dedicated incident response plan along with regular drills to test out and improve its effectiveness.
  • Companies that involve law enforcement in data breaches can save up to $470,000 compared to those that don’t. So, it’s worth contacting the relevant authorities promptly if data breaches and exfiltration hit your company.
  • Leverage automation and more advanced AI-based user behavior analytics to speed up detection, because the faster you can detect a breach, the lower the cost.
  • Invest more in employee training and awareness. The 2023 report found a 33.9 percent cost reduction for data breaches at companies with high levels of training and awareness versus those with low levels.

Conclusion

IBM’s annual report on data breach costs showed that, in 2023, the upward trend of growing costs shows no sign of slowing down. Hefty regulatory fines, a more dangerous threat landscape, and the growing value and volume of data all contribute to these rising costs. Organizations in all sectors have options available to help reduce the cost of data breaches when they happen.

And lastly, remember that data breaches don’t need to be inevitable. Many of these incidents are completely preventable through appropriate security measures, such as implementing least privilege access permissions, using Data Loss Prevention (DLP) tools with the functionality to block unauthorized transfers, and encrypting data so hackers can’t decipher it.

Make data protection a priority with Endpoint Protector by CoSoSys. Our DLP solution works across multiple operating systems to help you discover, monitor, and protect your sensitive data from many of the data security compromises that arise on endpoint systems like employee workstations.

Request a demo today.

Frequently Asked Questions

What is the average cost of a data breach in 2023, and how has it changed over the years?
In 2023, the global average cost of a data breach reached a record high of $4.45 million. This figure represents a 15 percent increase over the last three years.
What are the most common causes of data breaches?
The most common causes of data breaches are phishing attacks, stolen/compromised credentials, cloud misconfiguration, and software vulnerabilities.
How can organizations reduce the likelihood of a data breach?
Organizations can reduce the chance of a data breach by implementing effective patch management, blocking unauthorized data transfers with DLP tools, encrypting data both at rest and in transit, and investing in stellar employee training and awareness.

Explore More on Data Loss Prevention

Interested in diving deeper into the world of Data Loss Prevention? Check out these hand-picked resources to expand your knowledge:

Data Loss Prevention: The Complete Guide What is DLP? A Deep Dive Into Its Core Mechanisms DLP Policy 101: From Basics to Best Practices Data Loss Prevention Best Practices: A Comprehensive Guide 5 Pillars of a Strong Data Loss Prevention Strategy DLP Security: Essentials for Business Data Protection
explainer-c_learning

Download our free ebook on
Data Loss Prevention Best Practices

Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.

Download Now

In this article:

    Latest Posts

    Top Articles

    Best Practices for Source Code Security

    Best Practices for Source Code Security
    How to Control USBs and Removable Devices with Endpoint Protector

    How to Control USBs and Removable Devices with Endpoint Protector
    Keeping Source Code Safe with Data Loss Prevention

    Keeping Source Code Safe with Data Loss Prevention
    Dedicated DLP VS Integrated DLP

    Dedicated DLP VS Integrated DLP
    Top 3 Reasons to Use Endpoint Data Loss Prevention

    Top 3 Reasons to Use Endpoint Data Loss Prevention
    5 Ways Large Enterprises Protect their Data

    5 Ways Large Enterprises Protect their Data
    Gartner DLP: The Story of the Missing Enterprise Magic Quadrant

    Gartner DLP: The Story of the Missing Enterprise Magic Quadrant
    Request Demo
    * Your privacy is important to us. Check out our Privacy Policy for more information.

    Trusted by