Critical lessons from 2023 cybersecurity breaches: Which industries were hardest hit?

screen with red data and "security breach" messages

Let’s delve into the leading factors behind the list no industry wants to land on – those hardest hit by cybersecurity breaches last year. The fallout from cybersecurity breaches reached nightmare proportions in 2023, as data breaches cost businesses a staggering $4.45 million on average worldwide. Guess which sector took the biggest hit? The dreaded top ranking for that goes to the finance industry, according to a report by Kroll, the financial and risk advisory firm. Their 2024 Data Breach Outlook reportalso shows that social engineering attacks, such as phishing scams, are on the rise.

In this blog, we’ll tell you everything you need to know about which industries fared the worst last year and what we can all learn from vulnerabilities that were exposed, as well as how to prepare for emerging threats.

Unprecedented surge against financial sector

The finance sector emerged as the most breached industry in 2023, constituting 27% of the incidents managed by Kroll, a substantial increase from the 19% recorded in the preceding year.

Healthcare, which held the spotlight in 2022, secured second place with 20% of the breaches, a marginal reduction from the 22% reported in 2022.

The financial sector is facing an unprecedented surge in cybersecurity breaches, jeopardizing sensitive data and trust. What does this mean? Cybercriminals are targeting the heart of our economy, putting financial institutions and clients at risk. The consequences are severe – from data theft to monetary loss. The foundation of trust is at stake.

The heightened vulnerability of the financial sector to cyber threats is attributed not only to the allure of immediate financial gains but also to the wealth of sensitive customer information it safeguards. Notably, the surge in data breaches in 2023 is correlated with CLOP ransomware activity impacting small- to mid-sized regional banks.

The rest of the hardest hit

Although not the hardest hit in 2023, the healthcare sector remains under constant attack. A recent article by Medriva highlights the pervasiveness of the threat: In 2023, healthcare data breaches affected over 133 million patient records—more than double the previous year's number. A total of 725 breaches, each impacting 500 or more patient records, highlighted a substantial increase in cybersecurity threats within the healthcare industry. Hacking incidents dominated the breaches, followed by ransomware attacks and data exfiltration incidents as key contributors to the record-breaking breaches.

According to Kroll’s report, here are the top 10 hardest hit industries in 2023:

  1. Finance

  2. Healthcare

  3. Professional services

  4. Retail

  5. Industrial services

  6. Technology

  7. Education

  8. Manufacturing

  9. Government

  10. Insurance

Of those, finance, professional services, technology, manufacturing, and government all saw increased breaches over the prior year.

What can we learn?

The question is, are we prepared for the next wave of cyber threats? Healthcare providers are implementing additional cybersecurity measures, emphasizing the importance of staying updated on threats, staff training, and robust security systems to protect patient data and privacy moving forward. But each industry needs to prepare its leaders to wage a multifaceted approach to the war on cybersecurity.

A recent article by CSO Online emphasizes the intricate nature of data breach costs and underscores the importance of preparedness, incident response, and ongoing efforts to protect against evolving cybersecurity threats. In summary, here are 10 key lessons from 2023’s cyber breaches:

  1. Involvement of law enforcement: The research indicates that excluding law enforcement from ransomware incidents results in higher costs. Organizations that sought law enforcement involvement paid 9.6% more and experienced a breach lifecycle 33 days longer.

  2. Security AI and automation: Investments in security AI and automation were shown to be crucial for reducing costs and minimizing the time to identify and contain breaches. Organizations that extensively used these capabilities experienced a 108-day shorter time to identify and contain a breach, along with $1.76 million lower data breach costs.

  3. Cloud environment security: Attacks gaining access to multiple cloud environments incurred higher-than-average costs of $4.75 million. Ensuring robust security measures for cloud environments is highlighted as a key factor in minimizing breach-related expenses.

  4. Security system complexity: Organizations with low or no security system complexity experienced an average data breach cost of $3.84 million in 2023, emphasizing the importance of maintaining effective security systems.

  5. Incident response planning and testing: Elevated levels of incident response planning and testing were identified as highly effective tactics for containing the cost of a data breach. Organizations with extensive planning and testing saved $1.49 million compared to those with low levels.

  6. DevSecOps and employee training: Implementing DevSecOps practices and providing employee training were identified as the most effective data breach cost mitigators in 2023, saving organizations an average of $249,278 and $232,867, respectively.

  7. Organizational size impact: Organizations with more than 5,000 employees saw a decrease in the average cost of a data breach in 2023, while those with 5,000 or fewer employees experienced considerable increases. The average impact of a data breach increased with decreasing organizational size.

  8. Reputational damage: Reputational damage remains one of the significant costs of a data breach. Customer trust is challenging to rebuild, and damaged reputation affects a company's brand value, customer conversion costs, and market share.

  9. Business downtime costs: Severe business downtime can result in significant costs, especially for technology-dependent firms. The article emphasizes that manufacturing has clear metrics to measure downtime costs, while other industries may find it more nebulous but equally impactful.

  10. Regulation, litigation, and cyber insurance: Increasingly strict data protection laws and litigation contribute to data breach costs. Cyber insurance premiums have sharply increased, and organizations may find it challenging to afford adequate coverage. Paying ransoms, insufficient security staffing, and the resulting skills shortage are also highlighted as factors impacting breach costs.

Sources and further reading

Finance Most Breached Industry in 2023 - Markets Media

Record-breaking Healthcare Data Breaches in 2023 (

What is the cost of a data breach? | CSO Online

The year ahead in cybersecurity: Expert predictions for 2024 – and how to prepare | ACI Learning

ACI Leadership Series: Cybersecurity Questions Boards and Executives Need to Ask | ACI Learning

ACI Leadership Series: Cybersecurity Insurance and MSPs Webinar Notes | ACI Learning

2024 Data Breach Outlook report

ACI Learning



Learning areas