Data breaches have increasingly high costs, according to IBM Security experts in an annual study. Organizations often pass on costs to customers.

Big Blue’s 2022 Cost of a Data Breach Report states that 83 percent of respondents experienced one or more data breaches in the past year. Affected companies increasingly suffer from attacks. The costs of an average breach rose by 13 percent in the past two years. Breaches now cost an average of €4.3 million.

Targeting cloud environments

The costs for companies in critical sectors were even higher (€4.7 million). Furthermore, approximately 27 percent of respondents suffered a ransomware attack in the past year. 17 percent dealt with a data breach involving the supply chain.

Almost half of all breaches occurred in cloud environments. Breaches in public cloud and private cloud environments were particularly costly. In contrast, breaches in hybrid environments had lower costs. Companies with hybrid cloud environments identified and solved breaches faster.

Security technology reduces damage

The researchers found that investments in modern security technology and measures directly correlate to the costs of a breach. Companies that invest in security technology lose less to breaches than companies that don’t.

Big Blue notes that phishing is the most costly cause. Most data breaches started with compromised passwords, usernames and other secrets. Furthermore, victims that didn’t pay after a ransomware attack lost more money than victims who did.

Costs passed on to customers

IBM indicates that data breaches directly affect a victim’s customers. More than half of the respondents said that the costs of a data breach are ultimately passed on to customers. These costs come on top of price increases from material shortages and inflation.

Tip: What we learned from billions of IBM data points tracking cybercrime