Unraveling Data breach Expenses


3 min read


Today we bring you some interesting figure from IBM’s Cost of a Data Breach for 2023 and we explore the worrying figures.

What is a data breach?

Let’s first get some common misconceptions first out of the way. Data breach is not the same as cyberattack. Security breaches that compromise the confidentiality of the data are considered data breaches. A DDOS (distributed denial-of-service) attack that overwhelms a website with requests is not considered a data breach, but a ransomware attack that locks up all the organization’s data is. Ransomware attacks have seen an explosion in numbers during the COVID epidemic, and while the frequency of attacks has somewhat settled down, there is still a serious growing trend. According to the IBM’s Cost of a Data Breach 2022 report, 83% of the 500 interviewed organizations experienced more than one data breach. Data breaches have always been a major problem, but they become even more serious when we consider the amount of data organizations collect and create with the modern technologies.

Attack vectors

To understand how a data breach occurs better, we should start from the source, i.e. from the attack vectors. Attack vectors are simply ways in which the attacker “mounts” the attack. It could be through phishing, zero-day exploits, insider help and many different ways, and one of the approaches to reducing threats is securing the possible attacks vectors.

phishing illustration

Phishing and stolen or compromised credentials are the most frequent initial vectors through which the attackers gain access, and the cost of breaches initiated through these vectors was 4.76 million USD and 4.62 million USD, respectively. Cloud misconfiguration and zero-day vulnerabilities represent vectors for around 11% of all attacks, and while cloud configuration is in the group of “cheaper” breaches, it still has a cost of 4 million USD. Attacks initiated through zero-day vulnerabilities have the same cost as the global average cost of a data breach, at 4.45 million USD. Next up is the business email compromise vector, accounting for 9% of attacks with a cost of 4.67 million USD. These attack vectors are followed by social engineering and physical security compromise at 8% of the total number of attacks with costs of 4.55 million USD and 4.10 million USD. At 6% we have known unpatched vulnerability, accidental data loss and malicious insider. Attacks cause by a malicious insider top the data breach cost in 2023 with a cost of 4.90 million USD. Finally, the least frequent and the least expensive attack vector was system error, sitting at 5% with a 3.96 million dollar cost. Human factor stays the most frequent problem for a security system, and that signifies the importance of education and spreading awereness.

From the list of attack vectors we just talked about, it is obvious that a good number of attacks caused by them could have been prevented with the right approach. Even though these numbers are serious, organizations are divided between whether they plan on investing more financial resources into security or not, with 51% of organizations saying that they plan on doing so. This is not a surprising figure, as security is not about throwing money at the problem, it is about implementing high-quality strategies, educating people and having the right tools. In our opinion, it is important to understand that cyber security is not a be-all and end-all for preventing and mitigating threats, it is supposed to be a foundation block for cyber resilience. If you aren’t familiar with the term, check out our Cyber Resilience: A Proactive Approach to Security blog, where we explain what cyber resilience is and what it takes to implement it.

“Security isn’t something you buy, it’s something you do, and it takes talented people to do it right.” – anonymous

Data Breach Identification

Only one third of breaches were identified by an organization’s own security systems, which is really a wake-up call for anyone claiming that their security can not be breached. Fortunately enough, 40% of breaches were reported by a benign third party or outsider. The remaining data breaches, more than one quarter, were reported by the attackers as a part of their ransomware attack.

In terms of costs, the numbers are exactly what you would accept, the least expensive breaches are the ones that you identify yourself, at 4.30 million USD, while the costliest breaches are the ones disclosed by the attackers, at 5.23 million USD. Those reported by third parties stand close to the self-identified breaches with a cost of 4.67 million USD.

Data Breach Lifecycle

The data breach lifecycle is defined as the elapsed time between the initial detection of the breach and its containment. “Time to identify” describes the time, in days,
it takes to discover an incident. “Time to contain” refers to the time, in days, it takes for an organization to resolve the situation and restore service after the breach has been detected. These two metrics help determine the effectiveness of an organization’s incident recovery and containment processes. The average data breach lifecycle was 277 days, which is an astounding figure. Imagine your business and earnings impacted negatively for close to a whole year.

A shorter data breach is associated with less costs. When comparing data breaches at the 200 days mark, those that lasted less than 200 days incurred an average cost of 3.93 million USD. On the other hand, breaches with a lifecycle longer than 200 days resulted in costs amounting to 4.95 million USD, an increase in 1 million USD.


And there you have it, worrying data breach figures to think about. The Report, of course, contains more interesting numbers, so if you want to check it out, you can find it here.

InnoBoost is an IBM Gold business partner, a level reserved for partners who deliver high-value transformative solutions and achieve the highest levels of customer satisfaction, technical and sales certifications, as well as sales success.

Our skilled, agile, and certified team prides itself on delivering an unparalleled experience to its customers. From system and solution design to configuration, from price negotiation with IBM to ordering and delivery tracking, we ensure a seamless business transition. We also arrange access to other partners and consultants as needed.

Contact us today to schedule your Cyber Resiliency Assessment and find out how your organization fares against modern digital threats.


You may also like…

Cyber Resilience: A Proactive Approach to Security

Cyber Resilience: A Proactive Approach to Security

5 min readSummary: IoT in transportation is transforming the way we commute, manage fleets, and maintain roads. This technology has the potential to significantly improve traffic flow, public transit, and vehicle technology. This blog post explores how IoT...

Revolutionizing Transportation with IoT

Revolutionizing Transportation with IoT

5 min readSummary: IoT in transportation is transforming the way we commute, manage fleets, and maintain roads. This technology has the potential to significantly improve traffic flow, public transit, and vehicle technology. This blog post explores how IoT...