In their rush to deploy AI, many organizations are overlooking critical security and governance measures. IBM’s 2025 Cost of a Data Breach Report reveals that 13% of surveyed companies experienced breaches involving AI models.
The report described this trend as “do-it-now AI adoption,” where speed is prioritized over oversight.
Around 63% of breached organizations said they either lacked formal AI governance frameworks or were still in the process of developing them. Among those that had such policies in place, only 34% conducted regular audits to detect unauthorized AI use.
The report warned that AI systems deployed without governance are more prone to security incidents and lead to significantly higher breach costs.
That said, the report noted that organizations using AI and automation extensively throughout their security operations saved an average of $1.9 million in breach costs and reduced the breach lifecycle by an average of 80 days.
Speed and innovation are priorities with AI usage
While AI-related breaches are still relatively rare, IBM Vice President of Data Security Vishal Kamat told TechRepublic via email that nearly all incidents stemmed from weak AI access controls.
“It’s a clear signal that organizations are favoring speed and innovation over foundational security practices, and that tradeoff is already carrying financial consequences,” Kamat said.
Equally concerning is the lack of AI governance policies around AI use, Kamat added.
“In many cases, organizations didn’t have clear accountability for AI systems, or visibility into where and how AI was being deployed. That creates blind spots not just for security teams, but for compliance and risk as well,” he explained.
As AI adoption accelerates, Kamat stressed that governance and access controls can’t be afterthoughts.
“They need to be built in from the start, just like we’ve learned the hard way, with cloud and other emerging technologies of the past.”
Shadow AI prompts higher breach costs
One in five organizations surveyed attributed a breach to shadow AI, and only 37% have policies to manage AI or detect shadow AI, according to the report. It also found that organizations dealing with widespread shadow AI incurred an average of $670,000 more in breach costs than those where shadow AI use was minimal or nonexistent.
In cases involving shadow AI, 65% resulted in compromised personally identifiable information and 40% affected intellectual property — significantly higher than the global averages of 53% and 33% respectively, according to IBM.
AI is used by attackers, too
Attackers are leveraging AI to increase the speed, scale, and sophistication of their methods, especially in areas like phishing and deepfake impersonation, Kamat said. Meanwhile, defenders are starting to deploy AI-powered tools to detect and respond to these threats faster and more effectively, and they are showing a significant ROI, he said.
“The key is recognizing that AI isn’t just a risk — it’s also a critical part of the solution,” Kamat explained. “Organizations that invest in AI-driven detection and response now will be better positioned to stay ahead as the threat landscape continues to evolve.”
The cost of a data breach
The report noted some mixed news related to data breach costs. The global average cost of a data breach fell to $4.44 million, the first decline in five years. However, the average US cost of a breach reached a record $10.22 million.
Healthcare breaches remain the costliest of all industries at an average of $7.42 million. These breaches also take the longest to identify and contain, averaging 279 days.
Nearly all organizations reported operational disruptions in the aftermath of a data breach, which has extended recovery timelines. Among respondent organizations that reported recovery, most took an average of 100 days to do so.
Methodology
The research for the 2025 IBM report was conducted by Ponemon Institute and is based on data breaches experienced by 600 organizations globally from March 2024 through February 2025.