IBM's 2025 Data Breach Report highlights a worrying trend: AI adoption is outpacing security measures. The study, which examined data breaches across 600 global organisations, reveals that AI systems are becoming prime targets for cyberattacks. A significant 13% of organisations reported breaches specifically targeting AI models or applications, with a further 8% unsure if their systems had been compromised. Alarmingly, 97% of those affected lacked basic AI access controls, leading to data compromise in 60% of incidents and operational disruption in 31%.
The report also sheds light on the dangers of 'shadow AI' – unauthorised AI tools used within organisations. These tools are linked to one in five breaches and cost an average of $670,000 more to remediate. Furthermore, attackers are increasingly using AI in their methods, with 16% of breaches involving AI-driven tactics like phishing and deepfake impersonation. Despite these rising threats, a staggering 63% of breached companies lack formal AI governance policies, and even among those that do, only 34% regularly audit for unsanctioned AI use.
Organisations that have invested in AI and automation throughout their security operations saved $1.9 million in breach costs. The global average cost of a data breach has decreased to $4.44 million, but in the United States, the average cost has risen to $10.22 million. This indicates that investment in AI security is not just a matter of protecting data, but also of saving money.
Related Articles
AI Cyberattacks Outpace Defences
Read more about AI Cyberattacks Outpace Defences →
AI Models' Behavioural Contagion
Read more about AI Models' Behavioural Contagion →
AI, biometrics to replace OTPs
Read more about AI, biometrics to replace OTPs →
China Prioritises AI Safety
Read more about China Prioritises AI Safety →