Phil Muncaster recently published an article on InfoSecurity-magazine.com entitled Fifth of Government Workers Don’t Care if Employer is Hacked. Muncaster compiled the article using data from an Ivanti poll of 800 public sector workers (USA).
In an environment where data breaches and ransomware attacks are feared by business owners it is surprising to learn that a culture of unaccountability, poor cyber-hygiene and limited staff training are creating a perfect storm of cyber risk for governments worldwide. Ivanti went so far as to state that many workers are unbothered about the prospect of a serious data breach! It found a ‘not my job’ attitude is exposing governments to excessive cyber risk.
The average total cost of a data breach has reached an all-time high it averaged USD 4.35 million in 2022. This figure represents a 2.6% increase from 2021, when the average cost of a breach was USD 4.24 million. That’s up 12.7% from USD 3.86 million in the 2020 report.
USD 4.54 million is the average cost of a ransomware attack, doesn’t include the cost of the ransom itself. 11% of breaches in the study were ransomware attacks, an increase from 2021, when 7.8% of data breaches were ransomware attacks. That represents a growth rate of 41%.
On a positive note, the average cost of a ransomware attack dropped slightly, from USD 4.62 million in 2021 to USD 4.54 million in 2022. Slightly higher than the overall average total cost of a data breach, USD 4.35 million. This cost does not include the cost of the ransom itself.
19% frequency of breaches caused by stolen or compromised credentials. Stolen or compromised credentials are still the most common cause of a data breach. This type of breach had an average cost of USD 4.50 million. They also have the longest lifecycle – 243 days to identify the breach, plus 84 days to contain the breach.
Phishing was the second most common and most expensive cause of a data breach at 16%, averaging USD 4.91 million in breach costs.
Statistics sourced from IBM Cost of a Data Breach Report 2022,