Download free DLP for AI whitepaper


  • The annual Information Risk Insights Study combines insights from 77,000 cyber events, $57 billion in reported losses, and 72 billion compromised records.
  • Major findings include: attacks have increased by 44.7% over the last 10 years; Healthcare, Financial, and Public organizations experienced the most attacks; and system intrusions and accidental disclosures are the top causes of incidents. 

There’s a new kid on the block in the cybersecurity research sphere. The Cyentia Institute, a dedicated research center, has just released the third edition of its annual Information Risk Insights Study, abbreviated to IRIS. 

With support from the Cybersecurity and Infrastructure Security Agency (CISA), this year the study was bigger than ever, combining insights from 77,000 cyber events, $57 billion in reported losses, and 72 billion compromised records. 

Whatever the size of your organization or the sector, IRIS is a treasure trove of valuable information that you can use to inform your cyber risk management strategy.

As with all global  in-depth studies, though, it’s a pretty intense, data-laden read. So, we’ve distilled the key insights from IRIS into a handy TL;DR version for you. 

What is the Information Risk Insights Study?

IRIS is a global study that aims to help organizations dispel the fear and uncertainty that typically surround cyber risk management decisions. As Cynetia notes in its introduction: 

“Reliable data about the frequency and impact of cyber events has historically been difficult to obtain. This presents a serious challenge for decision makers, causing many to fall back on subjective judgments and qualitative ratings. Our study yields objective data. We hope it helps many teams escape the qualitative quagmire of information risk assessments.”

What are the key findings from this year’s study?

Cybersecurity incidents are becoming more frequent

So, what has IRIS uncovered in 2022? Find out below.. 

An integral aspect of cyber risk management is assessing the probability of risks becoming actuality. To help organizations do this intelligently, IRIS looked at the frequency of cybersecurity incidents over the last 10 years. 

It found that “the geometric mean of the monthly incident count in 2012–2013 was 496 compared to 718 for 2020–2021”. This is an increase of an astonishing 44.7% over the last 10 years. In other words, security incidents are becoming more frequent and commonplace. As many organizations have realized, cyber-attacks and data leakage aren’t unlikely threats anymore. It’s now more a case of when, not if. 

Number of cyber incidents between 2012 and 2021 according to IRIS

Healthcare and Finance sectors experience the most incidents 

While data about incident frequency is undeniably useful, it only goes so far. What’s even more valuable for risk managers is to be able discern the level of risk their sector faces specifically. Enter key finding number two. 

As the report notes and the graph below shows, Healthcare, Financial, and Public

organizations experienced the most attacks, with the first two sectors suffering 76x more incidents than Mining and Agriculture.

As well as different industries suffering a varying proportion of incidents, the cost of these attacks also varies widely between sectors. The research found that typical losses range from a low $3 million in the agriculture sector to over $177 million in transportation.

Large organizations and SMBs are equally at risk

The SMB mindset of ‘a cyber attack won’t happen to me’ is disproved in this research. While large companies are over 30x more likely to suffer multiple security incidents in a single year than smaller ones, the impact of a singular security incident on an SMB tends to be much greater, even though the frequency is less.

You see, the research found that SMBs were the victims in 89% of cyber loss incidents over 10% of annual review. As the research summarizes: “A $10B enterprise hit with the typical loss amount for that can expect a cost that represents 0.00516% of annual revenues. A small shop that brings in $100K per year could lose nearly its entire annual earnings in a typical loss event!”

All of this is to say that SMBs and large organizations must take cybersecurity seriously in equal measure. It takes just one attack to cause absolute chaos and lost revenue. Proactive defense is paramount. 

System intrusions are the biggest threat to organizations 

It’s hugely valuable for risk managers and security administrators to know how security incidents happen. The research found that the most successful attack type is system intrusion, which accounts for roughly half of events and half of financial losses over the past ten years. 

Frequency and losses associated with common incident patterns

System intrusions are defined as “attempts to compromise systems, applications, or networks by subverting logical access controls, elevating privileges, deploying malware, and so on.” 

Closely following system intrusions is accidental disclosure at number two. This refers to incidents where employees, partners and suppliers accidentally expose or leak sensitive data. 

The best way to defend against both of these risks is by deploying data loss prevention (DLP).  DLP is a solution that continuously monitors, identifies and classifies data, ensuring it is protected with adequate controls 24/7 and only authorized by verified employees.

Account compromise and phishing are hackers favorite tactics 

The research shows that phishing and compromising valid accounts are cybercriminals’ favorite techniques across industries. With the rise of cloud applications, compromised accounts are especially an issue. 

If an attacker gets their hands on your employee’s cloud account details, they could potentially log-in from anywhere – unless you have the right detection tools in place. 

Polymer DLP: Risk management made simple 

Managing a plethora of evolving cybersecurity risks is undoubtedly a tough job, but it can be made much easier with the right tools. That’s where Polymer DLP comes in. Our intelligent, self-learning cloud DLP tool combats the risks of system intrusions and accidental data leakage, keeping your information safe from compromise 24/7. 

Try out Polymer DLP today with a free risk scan.  

Polymer is a human-centric data loss prevention (DLP) platform that holistically reduces the risk of data exposure in your SaaS apps and AI tools. In addition to automatically detecting and remediating violations, Polymer coaches your employees to become better data stewards. Try Polymer for free.


Get Polymer blog posts delivered to your inbox.