Home Reports Data Breach Action Guide Data breach action guide
Take control of your readiness, response and resilience to breaches with these recommended actions
Illustration of straight vertical lines connected to dots on top
Take action from insights and recommendations

The best way to prevent and respond to data breaches is to learn why and how they happen. Read the IBM Security® Cost of a Data Breach Report 2022 to understand the origin of breaches, the financial risks and the solutions that can make a difference. Then take action with the following recommendations to better secure your organization.

Get the report
Data breach costs reach a record high

Data breach costs averaged USD 4.35 million in 2022, representing a 3% increase over 2021 and a record high for the 17 years that the Cost of a Data Breach Report has been published. Inflation impacted people and organizations across the board, with 60% of breached organizations passing higher costs on to their customers. Fortunately, adopting a zero trust security model helped reduce costs by USD 1.5 million and can prevent unauthorized access to sensitive data.

See how zero trust can cut costs

Reduce security risk and costs to deliver business outcomes with a zero trust strategy.

Talk to us
Use an agile approach to security

Attend a no-cost, two-hour framing workshop on zero trust with IBM Garage™.

Schedule a workshop
Mega breaches could cost 100 times more

Most breaches are measured in thousands of data records. But for those breaches that lose millions of records, the costs are exponentially higher. The average cost of a mega breach of 50 million or more records reached USD 387 million in 2022, more than 100 times greater than the overall average cost of a data breach. Investments in technologies such as security information and event management (SIEM) and security orchestration, automation and response (SOAR )use AI and automation to lower those costs by improving detection and response times.

Accelerate threat detection with AI

Act quickly with enhanced security insights from automated threat detection.

See QRadar® SIEM demo
Respond faster with automation

Speed up incident response with automation and process standardization.

See QRadar® SOAR demo
Breached organizations are often repeat victims

Out of the breached organizations in the study, 83% had been hit more than once, and just 17% of breaches were first-time offenses. Significantly, nearly half of all breaches affected data in the cloud. You need to protect sensitive data on premises and in the cloud by using policy and encryption. The average breach cost savings associated with mature cloud security practices was USD 720,000 compared to no cloud security practices.

Secure cloud deployments

Measure your security posture, such as data classification, with a self-assessment.

Try cloud assessment
Automate data protection

Protect your data wherever it resides for faster compliance and lower cost of ownership.

Self-tour Guardium®
Organizations aren’t containing breaches fast enough

It takes 277 days on average to identify and contain a breach: 207 days to identify and 70 days to contain. That’s a 3.5% decrease from the previous year, which averaged 287 days. Meanwhile, cyberattacks are much faster. Ransomware had a 94% reduction in time to deploy in just 2 years. What used to take 2 months decreased to under 4 days. That said, organizations must get better at protecting endpoints and remote employees.

Protect and monitor devices

Speed up managing and securing your remote workforce with AI-driven unified endpoint management (UEM).

Start MaaS360® trial
Power endpoint security with AI

Enable real-time endpoint detection to block ransomware and other threats in their tracks.

See QRadar® EDR demo
Minimize friction for users

Safely connect any identity to any resource with deep context and intelligence.

Learn about Verify
Incident response teams and readiness reduce costs

Organizations with an optimized incident response (IR) saw some of the largest cost savings. In fact, the breach cost savings were USD 2.66 million for organizations with an IR team and regularly tested IR plan compared to no team or testing. IR teams were among the top 3 cost-saving measures, along with security platforms that use AI and a DevSecOps approach.

Determine you IR preparedness

Create and test IR playbooks with adversary simulations and attack surface management exercises.

Book an IR consultation
Additional resources X-Force® Threat Intelligence Index State of Attack Surface Management Cloud Threat Landscape Report