The average cost of a data breach in the United States climbed to 10.22 million dollars, according to IBM's Cost of a Data Breach report, even as the global average declined. Globally, the average cost fell to 4.44 million dollars, down 9 percent from 4.88 million dollars the prior year, the first decline in five years, driven by faster containment using AI-powered defenses.

Artificial intelligence figures prominently in the findings, both as a risk and a defense. Among organizations that experienced an AI-related security incident, 97 percent reported lacking proper AI access controls, and 63 percent had no AI governance policies in place to manage AI or prevent the use of unapproved tools.

Unsanctioned AI use carried a measurable price. Organizations with high levels of shadow AI, where workers download or use unapproved internet-based AI tools, added an extra 670,000 dollars to the average breach cost. The figure quantifies a risk that many security teams had treated as difficult to measure.

AI also reduced costs when deployed deliberately. Organizations using AI and automation extensively across security operations saved an average of 1.9 million dollars in breach costs and shortened the breach lifecycle by about 80 days. Overall, companies identified and contained breaches in a mean of 241 days, the lowest in nine years. The data describes a security environment where AI cuts both ways, lowering costs for prepared organizations while adding exposure where governance is absent.

Source: IBM - https://www.ibm.com/reports/data-breach