Why this report matters


Key findings

Average cost of a data breach reaches an all-time high

Data breach average cost increased 2.6% from USD 4.24 million in 2021 to USD 4.35 million in 2022. The average cost has climbed 12.7% from USD 3.86 million in the 2020 report.

More organizations are deploying a zero-trust approach and seeing savings

The share of organizations deploying zero trust grew from 35% in 2021 to 41% in 2022. Organizations that don't deploy zero trust incurred an average USD 1 million greater breach costs compared to those with zero trust deployed.

Compromised credentials, phishing, and cloud misconfiguration were the top attack vectors

Stolen or compromised credentials were responsible for 19% of breaches. Phishing was responsible for breaches 16% of the time. Cloud misconfiguration caused 15% of breaches.

Security AI had the biggest cost-mitigating effect

Security artificial intelligence (AI), when fully deployed, provided the biggest cost mitigation. The average breach cost up to USD 3.05 million less at organizations with AI than organizations without AI.

Response times were one month faster with XDR technologies

Organizations with XDR shortened the time to identify and contain the data breach by about a month on average compared to organizations that didn’t implement XDR.

Hybrid cloud model had the lowest breach cost compared to public and private clouds

Breaches that happened in a hybrid cloud environment cost an average of USD 3.80 million. This figure compared to USD 4.24 million for breaches in private clouds and USD 5.02 million for breaches in public clouds.

