Why this report matters

The annual Cost of a Data Breach Report, featuring research by Ponemon Institute, offers insights from 550 real breaches to help you understand cyber risk in a changing world. This report has become a leading benchmark tool, offering IT, risk management and security leaders a lens into factors that tend to increase, or help mitigate, the cost of data breaches.

Get the report

Six workers in a security command center discussing threat situations

Highlights

Global report

Now in its 17th year, the report features data on breaches in 17 countries and 17 industries.

Security recommendations

Get helpful security tips from IBM Security® experts, based on findings from the study.

New research

Discover how critical infrastructure is impacted and how solutions such as extended detection and response (XDR) help mitigate costs.

Key findings

Average cost of a data breach reaches an all-time high

Line drawing of graph with rising data

Data breach average cost increased 2.6% from USD 4.24 million in 2021 to USD 4.35 million in 2022. The average cost has climbed 12.7% from USD 3.86 million in the 2020 report.

More organizations are deploying a zero trust approach and seeing savings

Line drawing of location pointer

The share of organizations deploying zero trust grew from 35% in 2021 to 41% in 2022. Organizations that don't deploy zero trust incurred an average USD 1 million greater breach costs compared to those with zero trust deployed.

Compromised credentials, phishing and cloud misconfiguration were the top attack vectors

Line drawing of circle graph with two x marks

Stolen or compromised credentials were responsible for 19% of breaches. Phishing was responsible for breaches 16% of the time. Cloud misconfiguration caused 15% of breaches.

Security AI had the biggest cost-mitigating effect

Line drawing of two overlapping circles with opposing arrows

Security artificial intelligence (AI), when fully deployed, provided the biggest cost mitigation, with the average breach costing up to USD 3.05 million less at organizations with it than organizations without it.

Response times were one month faster with XDR technologies

Line drawing of shield with person in center

Organizations with XDR shortened the time to identify and contain the data breach by about a month on average compared to organizations that didn’t implement it.

Hybrid cloud model had the lowest breach cost compared to public and private clouds

Line drawing of cloud and two connected servers

Breaches that happened in a hybrid cloud environment cost an average of USD 3.80 million compared to USD 4.24 million for breaches in private clouds and USD 5.02 million for breaches in public clouds.

Discover more reports

2021 Cost of a Data Breach Report

2020 Cost of a Data Breach Report

2019 Cost of a Data Breach Report

Take the next step

Cybersecurity services

Assess risk, respond to threats, extend your team

Security software

Help protect your organization with intelligence analysis, fraud protection and mobile security solutions

Zero trust

Wrap security around every user, device and connection