The IBM Cost of a Data Breach Report 2025 delivers one of the most actionable snapshots of today’s cyber risk—especially as AI accelerates both innovation and exploitation. Based on insights from 600 organizations across 16 countries, it zeroes in on the trends that should reshape how security and compliance teams plan for the year ahead.
Global breach costs dipped—but the U.S. is moving in the opposite direction.
The global average breach cost fell to USD 4.44M, the first drop in years. Meanwhile, U.S. organizations are seeing record highs above USD 10M, driven by regulatory penalties and high-cost response requirements.
AI is redefining both the attack surface and the risk profile.
13% of surveyed organizations faced breaches involving AI systems, and 97% lacked proper access controls for those tools. Shadow AI alone added an average of USD 670K. Threat actors are also using AI to sharpen phishing, deception, and social engineering tactics.
Governance is the gap widening the impact.
63% of organizations still lack a formal AI governance structure. Those without oversight experienced longer breach lifecycles and higher overall costs.
Used correctly, automation creates a measurable advantage.
Organizations with mature automation capabilities shortened breach response timelines and saved nearly USD 1.9M compared to peers that rely on manual processes.
Why it matters
This report isn’t just a benchmark—it’s a warning. AI is now core to both value creation and risk exposure. Strengthening governance, tightening oversight, and investing in automation are no longer optional—they’re the new baseline for cyber resilience.
Full IBM report: https://www.ibm.com/downloads/documents/us-en/131cf87b20b31c91
Need more info?
Contact Cyntry to strengthen your organization’s readiness for responsible and compliant AI adoption.
Book a no-cost 30-minute compliance and cybersecurity strategy session at Cyntry.com
