While organizations rush to embrace artificial intelligence to stay ahead of the competition, they leave a backdoor wide open to attackers.
IBM’s annual report, marking 20 years of research in the field of data breaches and conducted with the Ponemon Institute, is published this year amid a transformative technological era – the age of AI.
The 2025 report analyzes 600 breaches that occurred between March 2024 and February 2025, supported by interviews with over 3,400 security and business executives. The findings reveal a complex reality: the same technology meant to protect us is increasingly becoming a weapon in the hands of adversaries.
Global Trends: Decreased Costs, Rising Risks
For the first time in five years, the global average cost of a data breach has declined, down to $4.44 million, a 9% drop from the previous year. The report links this decrease directly to broader adoption of AI and automation technologies, which enable faster detection and containment.
However, this number tells only part of the story. In the U.S., breach costs have reached a new high: $10.22 million per breach. Stricter regulations and escalation-related expenses are key drivers, demonstrating that even the most advanced markets are not immune to oversight gaps.
The Dual Dilemma: AI as Protector and Threat
The report presents AI as a double-edged sword: on one hand, a revolutionary defense tool; on the other, an autonomous attack vector.
AI for Protection
Widespread implementation of AI reduced detection and containment times by 80 days and lowered breach costs by an average of $1.9 million. About 32% of organizations that integrated AI into their prevention, response, and investigation phases saw substantial damage mitigation.
AI-Driven Threats
But this coin has a dark side. Unsupervised AI, referred to as “Shadow AI”, accounted for 20% of the breaches, often in applications compromised through sophisticated phishing and deepfake campaigns. Approximately 97% of organizations impacted by AI-related breaches had poor access controls, and 63% still lack a clear AI governance policy.
Four Leading Threats
The report identifies several dominant risk factors shaping today’s threat landscape:
Phishing has become the most common attack vector, as AI enables increasingly convincing and harder-to-detect messages.
Insider threats remain the most costly, with an average breach cost of $4.92 million – originating from employees or contractors with legitimate access.
Supply chain attacks require the longest response time – averaging 267 days to detect and contain – due to the complexity of identifying third-party vulnerabilities.
System complexity and talent shortages add an estimated $1.6 million to the average breach cost, as organizations struggle to recruit and retain skilled security professionals.
Critical Recommendations
Based on the findings, five key recommendations emerge:
Strengthen Non-Human Identity Controls – Machine identities must be secured just like human users. Multi-factor authentication, risk-based access, and passkeys are essential.
Secure AI Environments – Data classification, encryption, key management, and access controls are foundational to effective AI security.
Bridge the Gap Between Governance and Security – Disconnects between AI administration and safe implementation create blind spots. Investments in monitoring tools, anomaly detection, and Shadow AI management are crucial.
Accelerate Response with AI – Since attackers use AI too, security teams must be equipped with AI-powered tools to detect early, respond accurately, and thwart advanced phishing and deepfake threats.
Build for Resilience, Not Just Prevention – Quick recovery requires structured incident response plans, crisis simulations, strict access control, and reliable data restoration mechanisms.
Conclusion
The 2025 report paints a clear picture: AI is here to stay – but only organizations that implement governance and security at the same pace as adoption will hold the advantage.
The gap between rapid technological adoption and proper oversight continues to widen, offering new opportunities for attackers.
Organizations that fail to establish clear policies and oversight mechanisms will find themselves facing higher breach costs and greater damage.
Source Note:
This analysis is based on the official publication “Cost of a Data Breach Report 2025” by IBM in collaboration with the Ponemon Institute. All statistics and findings referenced are taken directly from the original report and are the responsibility of its publishers.