The global average cost of a data breach fell to $4.44 million in 2025, down 9 percent from $4.88 million in 2024, according to IBM's Cost of a Data Breach Report. IBM attributed much of the decline to faster containment, as AI-powered defenses helped organizations identify and contain breaches in a mean of 241 days, the lowest figure in nine years.

Unmanaged AI carries a clear price. Organizations with high levels of shadow AI, where employees use unapproved internet-based AI tools, saw an extra $670,000 added to the average breach cost compared with organizations that kept such use in check.

The split between sanctioned and unsanctioned tools is widening the gap. Shadow AI incidents represented 20 percent of breaches in the data, against 13 percent for approved AI systems, indicating that governance gaps translate directly into higher financial exposure.

The figures point to a divide in outcomes. Companies using AI to strengthen detection and response trimmed costs and shortened breach lifecycles, while those allowing ungoverned AI use absorbed measurably larger losses.

Source: IBM - https://www.ibm.com/reports/data-breach