
Illustration by iStock; Security Management

Global Data Breach Costs Drop But Lack of AI Risk Mitigation Poses Problems, IBM Report Finds

The global average cost of a data breach dropped to $4.4 million for much of the world but rose to $10.2 million in the United States in 2025, according to new research from IBM published Wednesday.

The findings come from IBM’s annual Cost of a Data Breach Report, which credited faster identification and containment of breaches—aided by artificial intelligence (AI) and automation—for driving down the global cost from $4.8 million in 2024.

But that price drop comes with a catch. Organizations are rapidly adopting AI solutions, but governance and security efforts for those solutions are lacking, the report assessed. IBM interviewed more than 34,652 technology, security, and business leaders from 600 organizations. Sixty-three percent said their organizations lacked governance policies to manage AI or detect shadow AI—unauthorized AI tools. Additionally, 87 percent of leaders said their organizations have no governance policy or process in place to mitigate AI risk.

“Nearly two-thirds of breached organizations didn’t perform regular audits on their AI models to mitigate risk,” according to the report. “And over three-quarters reported not performing adversarial testing on their AI models.”

This failure to mitigate risk could have enormous ramifications in the future. Already, IBM assessed that 86 percent of businesses experienced operational disruption due to a data breach.

“The growth of AI complicates this picture further by expanding and introducing new and potentially fragile interdependent and interconnected systems that are linked to operational activities,” according to the report.

One potentially bright spot is that organizations are assessing risk for AI model evasion attacks—where an attacker attempts to make the AI model misbehave by manipulating the data that is input. These attacks are rare but can have a very high impact.  

“Researchers have previously shown these attacks can lead to financial loss, reputational damage, and even endanger lives in critical applications, such as autonomous vehicles and medical diagnosis,” the report explained.

Four out of five organizations are assessing risks related to AI model evasion attacks, with 50 percent using internal risk assessment teams to do so.  

Behind the Costs

In the United States, the cost of a data breach hit an all-time high in 2025. IBM attributes the increase to higher regulatory fines and rising detection and escalation costs in the country.

Shadow AI—the use of unauthorized AI tools—might also be playing a role. IBM assessed that shadow AI security incidents added an average of $200,000 to the total cost of a data breach, likely because these incidents take longer to detect and contain than those involving authorized AI solutions.

Organizations that experience breaches involving shadow AI might also be subject to fees and penalties for the types of data that they expose, further driving up the cost, says Vishal Kamat, vice president of data security at IBM.

The analysis revealed that in breaches involving shadow AI, attackers were most interested in targeting customer personally identifiable information (PII), followed by intellectual property.

Data Type Compromised      Shadow AI   Global
Customer PII               65%         53%
Employee PII               34%         37%
Other Corporate Data       31%         34%
Intellectual Property      40%         33%
Anonymized Customer Data   24%         28%


Customer PII was also the most expensive when accounting for individual compromised records. It clocked in at $166 per record, followed by employee PII at $161 per record, the report explained.

Diving deeper into AI-related data breaches, IBM found that of the 13 percent of organizations that reported a data breach related to their AI models, just 3 percent had proper AI access controls in place.

Supply chain compromises, which include compromised apps, APIs, and plug-ins, were the most common cause of AI security incidents (30 percent).

“Approximately one-third (31 percent) of organizations that experienced a security incident involving authorized AI suffered operational disruption and saw attackers gain unauthorized access to sensitive data,” according to the report. “Twenty-nine percent of organizations reported a loss of data integrity. The impact of reputational damage (17 percent) underscores the potential long-tailed effects of these incidents.”

Additionally, most of the AI security incidents came from AI delivered as software as a service (SaaS)—mainly from third-party vendors (29 percent). IBM found that there were fewer incidents when the third-party vendor AI was deployed on premises (19 percent).

“On the flip side, I think the cost going down is largely a function of time to resolve issues or get to the bottom of issues—it’s a lot faster with the use of AI to address or respond to some of the incidents, and that definitely brings down the cost of the breach,” Kamat adds.

Among the AI capabilities security teams have found most helpful is the technology's ability to summarize telemetry, shortening the time required to understand it and to detect whether an incident is under way, Kamat explains.

Security Teams' AI Usage Type   Extensive Use   Limited Use   None
Prevention                      30%             43%           27%
Detection                       29%             44%           27%
Investigation                   26%             46%           28%
Response                        27%             45%           28%

Additionally, AI is supporting organizations that have created response playbooks by automating many tasks that previously required manual intervention, such as sequential processing, so that analysts and supervisors in security operations centers can detect and respond to data breaches faster.

IBM made five sets of recommendations for security practitioners based on this year’s report findings. One of the most important is to connect security for AI and governance for AI to reduce risk, complexity, and cost.

“Organizations must ensure chief information security officers, chief revenue officers, and chief compliance officers—and their teams—collaborate regularly,” the report said. “Investing in integrated security and governance software and processes to bring these cross-functional stakeholders together can help organizations automatically discover and govern shadow AI.”

Communication during this process is key, especially as businesses look to adopt more AI solutions and security practitioners’ instincts to protect the organization kick in, Kamat says.

“Keeping them on the same page so they are working in tandem together and enabling the business in concert, as opposed to giving different directions to the business,” Kamat adds. “I think it’s important because it’s all about—in my mind—keeping the business or keeping the company safe yet enabling the business to move fast. And typically, when the security teams and the governance teams don’t align well, it results in a significant slowdown.”

Other Findings of Note

Beyond AI, IBM found that malicious insider attacks resulted in the highest average breach costs, at $4.9 million.

“Third-party vendor and supply chain compromise followed closely at $4.91 million,” according to the report. “Other expensive attack vectors included vulnerability exploitation and phishing.”

Ransomware remains a problem, but IBM assessed that 63 percent of organizations decided not to pay ransoms, compared with a 59 percent refusal rate in 2024.

Organizations were also less willing to involve law enforcement when they experienced a ransomware attack. Just 40 percent of organizations, compared to 52 percent in 2024, opted to call the authorities as part of their attack response.

After a data breach has occurred, most organizations (51 percent) said they would not increase security investment afterwards. IBM attributes this potential slowdown in spending to organizations taking a more “disciplined approach to evaluating which security initiatives deliver impact.”

The 49 percent planning to increase security investment, however, were most interested in adopting threat detection and response technologies (43 percent), data security and protection tools (37 percent), and incident response planning and testing (35 percent). Forty-five percent of respondents who planned to invest in security after an incident also said they would choose AI-driven solutions.
