Aug 15 2023

On Average, a Security Breach Costs $4.45 Million, but Who Pays for It?

Businesses that suffer security breaches must decide whether to accept the loss or pass incident costs onto consumers, and many are caught in the middle.

Who should pay the tab when a cybercriminal succeeds in breaching a company’s network? Many would say that the company should eat the loss, file a claim with its insurance carrier and double down on its efforts to stop the next attack.

New research from IBM, however, suggests that a growing number of businesses don’t see it that way.

According to IBM’s 2023 Cost of a Data Breach Report, businesses are divided on how to handle the increasing cost and frequency of breaches.

“Breached organizations were more likely to pass incident costs onto consumers (57%) than to increase security investments (51%),” IBM notes in a news release.


The percentage increase in security breaches over the past three years

Source: IBM, Cost of a Data Breach Report, 2023

The average breach now costs $4.45 million, according to IBM, a 15 percent increase over the past three years. Those costs include any ransom paid to an attacker, plus injury to customer trust, stock price declines, intellectual property loss and more.

Only half of breached companies responded by increasing their cybersecurity efforts. Those that do not stand to pay more: Businesses that learn about breaches from attackers rather than by detecting them pay an additional $1 million in average costs, according to IBM.

LEARN MORE: Find out why network security is a first priority as organizations secure IoT environments.

“Investments in threat detection and response approaches that accelerate defenders’ speed and efficiency — such as AI and automation — are crucial to shifting this balance,” Chris McCurdy, IBM’s general manager of worldwide security services, says in the release.

Learn more about managed detection and response at

fongleon356/Getty Images

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT