In an evolving threat landscape, time is money

The best way to prevent a data breach is to understand why it’s happening. Now in its 17th year, the 2022 Cost of a Data Breach report shares the latest insights into the expanding threat landscape and offers recommendations for how to save time and limit losses.

For 83% of companies, it’s not if a data breach will happen, but when. Usually more than once. When detecting, responding to and recovering from threats, faster is better. Organizations using AI and automation had a 74-day shorter breach lifecycle and saved an average of USD 3 million more than those without.

*All dollar amounts shown on this site are in USD millions

Regional (global) insights

A data breach in the US costs over twice the global average

For the 12th year in a row, the United States holds the title for the highest cost of a data breach, USD 5.09 million more than the global average.


Average cost of a data breach in the United States


Global average total cost of a data breach

Industry insights

Healthcare gets hit hard

The cost of a breach in the healthcare industry went up 42% since 2020. For the 12th year in a row, healthcare had the highest average data breach cost of any industry.


Average total cost of a breach in the healthcare industry

Initial attack vectors

Stolen or compromised credentials are costly

Stolen or compromised credentials were not only the most common cause of a data breach, but at 327 days, took the longest time to identify. This attack vector ended up costing USD 150,000 more than the average cost of a data breach.


Days saved are dollars saved when it comes to a data breach

In 2022, it took an average of 277 days—about 9 months—to identify and contain a breach. Shortening the time it takes to identify and contain a data breach to 200 days or less can save money.


Average savings of containing a data breach in 200 days or less

Key cost factors

Ransomware attacks grew and destructive attacks got costlier

The share of breaches caused by ransomware grew 41% in the last year and took 49 days longer than average to identify and contain. Additionally, destructive attacks increased in cost by over USD 430,000.


Average cost of a ransomware attack


Average cost of a destructive attack

Cost savings

AI and automation offer the biggest savings

Organizations that had a fully deployed AI and automation program were able to identify and contain a breach 28 days faster than those that didn’t, saving USD 3.05 million in costs. However, it’s not all or nothing. Organizations with a partially deployed AI and automation program fared significantly better than those without.

Cloud vulnerabilities

Nearly half of all data breaches happen in the cloud

While 45% of breaches occurred in the cloud, organizations with a hybrid cloud model had lower average data breach costs—USD 3.80 million—compared to organizations with a public or private cloud model.


Average data breach cost in organizations with private clouds


Average data breach cost in organizations with public clouds

Incident response

Don’t just make an incident response plan. Test it.

Having an incident response (IR) plan is only the first step. Testing that plan regularly can help you proactively identify weaknesses in your cybersecurity and shore up your defenses. Not to mention you can save millions in data breach costs.


Average breach cost savings at organizations with an IR team that tested their plan versus those who didn’t

Next steps