IBM Cost of a Data Breach Report 2023
IBM Security's Cost of a Data Breach Report 2023 benchmarks the financial impact of 553 breaches across 16 countries and 17 industries, offering an evidence base for CISOs and risk teams.
It argues that the global average breach cost reached USD 4.45M (United States USD 9.48M; healthcare USD 10.93M) and links faster detection, security AI/automation, DevSecOps, and IR preparedness to materially lower costs and shorter breach lifecycles.
- Slide 1: Cost of a Data Breach Report 2023
- Slide 2: Lists six main sections including the executive summary, complete findings
- Slide 3: IBM Security and Ponemon Institute frame the 18th annual study
- Slide 4: What’s new in the 2023 report
- Slide 5: Global average breach cost hit USD 4.45M in 2023 (a
- Slide 6: Detection, ransomware and cloud highlights
- Slide 7: Cost savings from mitigation and complexity
- Slide 8: Introduces the report’s 18 detailed themes: global highlights, attack
- Slide 9: Presents the global picture: the average total cost
- Slide 10: Total cost and per-record trends
- Slide 11: United States retains highest average breach cost (USD 9.48M)
- Slide 12: Cost of a data breach by country or region
- Slide 13: Healthcare highest industry breach cost (USD 10.93M)
- Slide 14: Mean time to identify and contain breaches (days)
- Slide 15: Lost business costs hit a five-year low
- Slide 16: Average breach cost by organization headcount
- Slide 17: Majority of breached organizations increased prices (57%)
- Slide 18: Customer PII was the most common and costliest record compromised
- Slide 19: Introduces analysis of initial attack vectors and notes that phishing
- Slide 20: Cost and frequency by initial attack vector
- Slide 21: Breaches from stolen or compromised credentials had the longest resolution time
- Slide 22: Only one-third (33%) of breaches were identified by organizations' internal
- Slide 23: Benign third parties identified the largest share of breaches; attacker-disclosed
- Slide 24: Attacker-disclosed breaches took the longest to identify and contain (320 days)
- Slide 25: Data breach lifecycle defined: 277 days to identify and contain
- Slide 26: Shorter breach lifecycle (<200 days) correlates with lower costs
- Slide 27: Key cost factors and the effect of security skills shortage (USD 5.36M)
- Slide 28: Impact of 27 key factors on the mean cost
- Slide 29: Top three cost amplifiers: security skills shortage, system complexity, noncompliance
- Slide 30: Top three cost mitigators: DevSecOps, IR planning/testing, employee training
- Slide 31: Ransomware and destructive attacks
- Slide 32: Share and cost of malicious attack types
- Slide 33: Law enforcement involvement reduced ransomware costs
- Slide 34: Time to identify and contain ransomware with law enforcement
- Slide 35: Automated response playbooks shorten containment
- Slide 36: Business partner supply chain attacks
- Slide 37: Software supply chain attacks
- Slide 38: Software supply chain costs and lifecycle
- Slide 39: High-data-regulation environments saw a larger share of costs accrue
- Slide 40: Timing of breach costs in low vs high regulation
- Slide 41: Critical infrastructure breaches cost USD 5.04M
- Slide 42: 31% of organizations incurred fines; most fines ≤ USD 250,000
- Slide 43: 82% of breaches involved cloud or multiple environments
- Slide 44: Breaches across multiple environments were most common and costliest
- Slide 45: Breaches across multiple environments took 291 days to resolve
- Slide 46: Mega breaches examined separately; 50–60M record breaches averaged USD 332M
- Slide 47: Mega-breach costs fell across cohorts in 2023
- Slide 48: Introduces analysis of post‑breach security spending and allocation decisions, noting
- Slide 49: Respondents split on increasing security investment after a breach
- Slide 50: Top post‑breach investments: IR planning 50%, employee training 46%
- Slide 51: Security AI and automation reduced breach timelines
- Slide 52: AI adoption levels and their impact on breach costs
- Slide 53: Extensive AI use shortened identify-and-contain time by 108 days
- Slide 54: Incident response: combine an IR team with plan testing
- Slide 55: Combined IR strategy cut total breach time by 54 days
- Slide 56: Threat intelligence reduced identification time by 28 days
- Slide 57: Threat intelligence MTTI: 188 days versus 216 days
- Slide 58: Risk‑based vulnerability management lowers breach cost to USD 3.98M
- Slide 59: CVE-only versus risk-based vulnerability prioritization
- Slide 60: Attack surface management accelerated identify-and-contain by ~83 days
- Slide 61: Managed security service providers
- Slide 62: Recommendations to help reduce the cost of a data breach
- Slide 63: Build security into every stage of software development and deployment, and test regularly
- Slide 64: Modernize data protection across hybrid cloud
- Slide 65: Use security AI and automation to increase speed and accuracy
- Slide 66: Strengthen resiliency by knowing your attack surface and practicing IR
- Slide 67: The 2023 study sampled 553 organizations across 16 countries
- Slide 68: A table breaks down the 16 countries and regions included
- Slide 69: Five industries account for 55% of the sample: Financial (14%), Services
- Slide 70: Definitions for the 17 industries used in the study (for
- Slide 71: The benchmark preserved confidentiality by excluding company accounting, asking participants
- Slide 72: How we calculate the cost of a data breach
- Slide 73: Frequently asked questions cover definitions of a data breach
- Slide 74: How benchmark research differs from survey research
- Slide 75: Limitations include a nonstatistical, judgmental sampling frame potentially biased toward
- Slide 76: About Ponemon Institute and IBM Security
- Slide 77: Take the next steps
- Slide 78: Legal disclaimers and copyright