Packetlabs State of Security Series: The True Cost of a Data Breach
A data breach of any size is a strategic and financial nightmare for all businesses. Data breaches occur when hackers and/or malware gain access to sensitive information that should be safeguarded by intensive cybersecurity measures.
However, as a result of poor cybersecurity, a lack of training, or even widespread technical errors, it’s easier than many company owners think to suffer these breaches. Over 3,150 different data compromises occurred in 2024, which is close to the all-time record set in 2023. Victim notices, too, are increasing by more than 200%.
Data breach costs are increasing for various reasons. For example, hacker demands are increasing, and new technology is helping attackers become more sophisticated. Regardless of the why, it’s never been more important for companies to protect their data.
In this article, we’ll explore:
How much data breaches cost based on location and sector
What increases the costs of a data breach
How data breaches happen
How to reduce the chances of data breaches occurring
Costs of Data Breaches by Country
IBM’s research suggests that the USA is paying more than most for data breach recovery. Although the average cost of a data breach in America has decreased slightly, it still exceeds $9.36 million.
The costs of data breaches in the Middle East, however, are increasing – to a concerning extent. IBM’s data shows us that compared to an average of $8.07 million per breach in 2023, it’s now costing Middle Eastern companies an average of $8.75 million to bounce back.
The leap in costs from third to second place is almost $3 million, meaning there appears to be a higher risk of running a data-driven business in the US and the Middle East compared to anywhere else in the world.
However, as we advise our customers, the better approach to take is to simply focus on protecting your data effectively, regardless of what’s happening in the rest of the country or industry. More on protection strategies a little further down.
Industry-Specific Breach Costs
One point that various research sources agree on is that healthcare appears to be at the biggest risk from the most costly data breaches. That’s not difficult to understand – this industry handles some of society’s most critical systems and most sensitive and valuable data. For hackers, healthcare businesses are some of the most appealing to attack due to the nature of the data they hold and its usefulness in identity theft.
Data from the first half of the 2020s, as aggregated by Statista, shows that healthcare’s position as the hardest-hit industry financially has been consistent since 2020. Costs of data breaches in the industry have fluctuated; however, they presently sit at around $9.77 million, much higher than the US and general averages.
“The average breach cost for healthcare fell 10.6%, to USD 9.77 million. But that factor wasn’t enough to remove it from the top costliest industry for breaches—a spot it’s held since 2011. Healthcare remains a target for attackers since the industry often suffers from existing technologies and is highly vulnerable to disruption, which can put patient safety at stake.”
IBM
Sectors such as transportation, communications, entertainment, consumer services, education, research, and retail all fall below this average. However, they still experience average breach costs measuring between $3.82 and $4.43 million.
What Drives Costs Up
Several factors can increase the potential cost of data breaches, meaning that regardless of the industry you operate in, you should always be cautious about some general risks.
Some factors influencing breach costs can include:
Delays in detecting breaches. The longer data breaches go undetected, the more damage hackers can potentially do. For example, they could sit within your infrastructure and steal data as it is created, increasing the cost of reputational repair and the potential loss of business.
Legal and compliance costs. Regulatory bodies can impose heavy fines on companies where there is clear negligence with regard to data security. In the event of a breach that clearly shows a lack of compliance with the General Data Protection Regulation (GDPR), for example, a company could be fined millions.
Legal action. In some cases, individuals or companies can sue for data theft or loss depending on the nature of the breach and what harm could have been avoided with stronger cybersecurity measures.
Operational losses. Data breaches can result in significant downtime for companies that need to shut down operations temporarily to resolve faults.
Reputation and business impact. Data breaches never look positive in the court of public perception. A firm that loses significant data without due protection could lose significant business unless it takes ownership of the scandal and applies the lessons learned.
The extent of the breach. Larger-scale data breaches can require more resources and expert personnel to repair any damage caused.
Loss of intellectual property. The sensitivity of the data leaked in a breach can also impact costs. For example, if you store highly sensitive IP or trade secrets, you might be at risk of litigation.
How Do Data Breaches Happen?
Unfortunately, there are many different ways in which a company can suffer a data breach. That is all the more reason why our customers regularly run our penetration testing services – we help them tighten up their cybersecurity by running simulated attacks to expose hidden faults.
In any industry and with any type of data, you are always at risk from any of the following:
Phishing and Social Engineering
Phishing is a confidence trick where a hacker tricks a company recipient into clicking a malicious link or giving up login credentials. Via email, this is also known as business email compromise, or BEC.
Along similar lines to phishing, social engineering is the act of convincing a target to give away secrets through careful manipulation – in person, via phone, or online.
According to FBI statistics, 2023 saw adjusted losses for BEC in the US reach a staggering total of more than $2.9 billion!
Malware
Malware is a term that covers various worms, viruses, trojans, bugs, and other malicious software designed to attack and steal data from a target. Some malware will also bring down systems completely, or lock data away.
Common attack vectors such as ransomware are particularly worrying for business owners right now. This type of malware takes control of a target’s systems and locks data away until a ransom is paid to the hacker involved.
According to IBM’s research, the average cost of a data breach via ransomware is around $4.91 million – close to the global, general average.
Cloud Security Challenges
Although cloud computing is highly efficient and accessible, it also brings myriad data risks. In a cloud-based environment, you’re likely to work with multiple third-party vendors, all of whom have their own security responsibilities. Gaps in their security could lead to a serious data breach on your side.
IBM further reports that most of the breach data it analyzed stemmed from public cloud setups or those with multiple endpoints and connections.
Insider Threats
It is easy to assume that all data breaches occur outside the company. And, while it’s true that many do, several emanate from within a business – for example, a bad actor within a company might use their position to steal data or sell access to another.
The Ponemon Institute advises that a malicious insider threat could account for an average cost of $701,500 per incident. However, this is a general average – consider the large variances by industry as explored above!
The impact of AI and automation on attack vectors (i.e., attacks are becoming easier to orchestrate) may also increase the scale of insider threats for the years ahead.
Human Error / Human Element in Breaches
We all make mistakes – but unfortunately, when it comes to data handling, negligent errors can be extremely costly. The Ponemon Institute claims that, of the incidents it researched, insider negligence was by far the most common root cause of a data breach.
“There are a variety of reasons employees can put their organizations at risk. These include not ensuring their devices are secured, not following the company’s security policy, forgetting to patch and upgrade to the latest version.”
The Ponemon Institute
IBM further states that human error, or IT failures, accounted for 55% of all data breaches in its study. There is no clear data on how much money human error costs companies on average; however, IBM clearly suggests the impact is significant.
How to Reduce Data Breach Costs
As cybersecurity specialists, we know that prevention is always better than the cure. Our customers regularly say how relieved they are not to become part of such expensive statistics!
The breach costs we’ve discussed in this article are incurred because preventions weren’t effective – and there are several ways you can stop a costly data breach from draining your company.
Here are some of the most important and effective ways you can reduce data breach costs as a simple checklist, including preventative measures:
Run regular penetration tests to learn more about how hackers perceive your cybersecurity
Invest in vulnerability scanning and perform security checks as part of a vital routine
Regularly change passwords and check user / employee permissions
Keep all programs and security measures up to date, and patch errors and weaknesses as soon as they arise
Train employees thoroughly and check cybersecurity knowledge across the company
Aim to respond quickly to potential threats
Invest in cybersecurity insurance to help reduce the overheads of any potential crises
Take ownership of any problems that arise and take public steps to remedy the fallout from a breach
Increase the security measures you have in place to prevent leakage (perhaps with advice from penetration testers)
Improve threat detection standards to spot potential hazards faster
Only work with third-party vendors and supply chain parties you know you can trust (vet their security as well as your own)
Draw up a breach / crisis response plan and make sure any personnel involved know their roles and responsibilities
Use multi-factor authentication (MFA) to ensure only authorized personnel can access sensitive data
Conclusion
Cyberattacks are a matter of "when", not "if". Take your next step towards a stronger security posture today.