The average cost of a data breach in the United States reached a record $10.22 million, roughly 2.3 times the global average, according to IBM's data breach research. The United States figure rose to an all-time high even as the global average cost declined about 9 percent to $4.44 million, with United States totals driven up by regulatory fines and escalation costs.

Artificial intelligence emerged as a distinct risk category in the data. Among organizations that experienced an AI-related security incident, 97 percent reported lacking proper AI access controls. A high level of shadow AI, where employees use unapproved AI tools, added an extra $670,000 to the average breach cost. The research found that 63 percent of organizations studied had no AI governance policies in place to manage AI use or prevent shadow AI.

AI also showed a defensive benefit in the same data. Organizations that used AI and automation extensively across security operations saved an average of $1.9 million in breach costs and shortened the breach lifecycle by about 80 days. Across all breaches, organizations identified and contained incidents in a mean of 241 days, the lowest in nine years. The data presents AI as both a growing source of breach exposure and a tool that can reduce breach costs when governed properly.

Source: IBM -- https://www.ibm.com/reports/data-breach