What is the Cost of a Data Breach?

Data breaches are on the rise—both in the United States and throughout the rest of the world. A simple lapse in cybersecurity can jeopardize precious information and have a detrimental impact on the safety of your organization.

Why Cybersecurity Is More Important Than Ever

Curious to learn more about the true cost of a data breach? We dissected the latest “Cost of a Data Breach Report” from IBM and highlighted some of the most compelling stats. Here is data that discloses the amount companies spend on discovering—and responding to—data breaches.

Shocking time to identify and contain data breaches

On average, it took 287 days to identify and contain a data breach in 2021. For example, if a data breach occurred on January 1, the incident—on average—wouldn’t be fully under control until October 14. While multiple different factors influence how long it takes to find and stop a breach, one thing is clear: the more time the breach takes to discover, the more costly it is to stop.

Eye-popping average cost of a breach

In 2021, the average cost of a global data breach increased by its largest margin in seven years. In 2020, the mean data breach cost businesses $3.86 million. But with a nearly 10 percent increase in 2021, the cost ballooned to $4.24 million this past year. In the United States, the average cost of a data breach was $9.05 million—more than double the global average.

Learn more about the cost of IT downtime from Lume.

Breaking down the cost of data breaches

IBM’s report showed that the average data breach cost $4.24 million in 2021. Here’s a further breakdown of the numbers:

  • Average cost of detection and escalation: $1.24 million (29 percent)
  • Average cost of notification: $0.27 million (6 percent)
  • Average cost of post-breach response: $1.14 million (27 percent)
  • Average cost of business lost: $1.59 million (38 percent)

By examining these financial numbers, it’s clear to see how a data breach can impact several different departments within an organization beyond just IT.

Overcoming COVID-19 remote work breaches

For organizations with at least 81 percent of workers operating in a remote environment, the average cost of a data breach was $5.54 million. This cost was more than $1 million higher compared to the mean cost of a data breach. In addition, businesses that were operating remotely had greater difficulties in identifying and containing the breach. For companies with more than 50 percent of employees working remotely, it took an average of 316 days to contain the breach.

Crippling impact on healthcare

For the eleventh consecutive year, the healthcare industry experienced the highest average cost of a data breach—increasing from $7.13 million in 2020 to $9.23 million in 2021. From hospitals to health clinics, healthcare organizations across the world have continued to be financially hindered and operationally disrupted by significant data breaches.


In today’s business environment, cyber and data security have become increasingly important priorities for organizations across the world. To keep your company out of harm’s way from a potential cyberattack, businesses must be diligent about developing strong lines of external defense—particularly for remote work employees. Building an effective cybersecurity program is critically important to maintaining business continuity and operational success for your company.

Want to evaluate your organization’s cybersecurity measures? Take Lume’s Cybersecurity Self-Assessment today!

This blog was written by Michael Hensley, Lume’s Director of Professional Services.