Artificial intelligence is cutting two ways in the economics of data breaches, according to figures from IBM's Cost of a Data Breach research. Unauthorized use of AI tools, often called shadow AI, added an average of 670,000 dollars to breach costs at organizations with high levels of unsanctioned AI activity, as employees moved sensitive data through tools outside company oversight.
Defensive AI produced the opposite effect. Organizations that deployed extensive AI and automation in their security operations paid an average of 3.62 million dollars per breach, compared with 5.52 million dollars for those without such tools. The 34 percent gap was the single largest cost differentiator in the entire study, indicating that automated detection and response can materially reduce the financial damage of an incident.
Speed of response reinforced the savings. The average breach lifecycle fell to 241 days, split between 181 days to detect and 60 days to contain, the shortest span in nine years. Companies that contained breaches within 200 days saved up to 1.12 million dollars relative to slower responders, underscoring how detection time drives total cost.
The figures capture a security landscape reshaping around AI on both sides. The same technology that helps defenders triage alerts and shorten investigations also introduces new exposure when staff route confidential information through unmonitored tools. The data does not argue for or against adopting AI, but it quantifies a widening cost gap between organizations that govern their AI use and equip their defenses with automation and those that leave both unmanaged.
Source: IBM Cost of a Data Breach Report - https://cnicsolutions.com/statistics/data-breaches-research/average-cost-of-a-data-breach-statistics-2026/
![[Data] Shadow AI Adds $670,000 to the Average Breach, IBM Finds](https://cdn.sanity.io/images/cbhtovty/production/f299b4c1d2b52ecbf8f32ff713fe4f723aaa963e-1200x600.jpg)