The latest IBM Cost of a Data Breach Report is here, and it paints a clear picture of where the risks are, what is driving costs up, and which investments actually pay off. For security leaders it is a benchmark, a warning, and a playbook all in one, with highlights on where to focus, what to fix, and how to avoid becoming the next headline.
PII is still the crown jewel for attackers
Customer personal data remains the most targeted and most costly asset in a breach. More than half of all breaches involved customer personal information, and in incidents involving shadow AI the share jumped to sixty-five percent. The cost per compromised customer PII record is $160 worldwide, and $166 in shadow AI incidents. At that rate, a 50,000-record exposure can easily exceed $8 million in direct losses before factoring in fines, customer churn, and reputational damage; for any organization, a single exposed data set can translate into millions in losses.
The lesson is simple. If you cannot see where all your sensitive data is, you cannot secure it. That is where identity-aware discovery, classification, and access controls become non-negotiable.
Shadow AI is not just a security problem, it is a cost problem
One in five organizations experienced a breach tied to shadow AI this year. These incidents add an average of $200,000 to breach costs, and in high-usage environments the figure jumps to $670,000. They take longer to detect, involve more personal and intellectual property data, and create downstream operational disruption.
In many cases, employees were using unsanctioned AI tools that handled sensitive data without the knowledge or approval of security teams.
Treating shadow AI as just a policy violation or a compliance headache is not enough. It is an unmonitored attack surface with a price tag, and detection, governance, and automated controls are essential.
- 20% of organizations had a breach involving shadow AI
- $200K added to the global average breach cost for shadow AI incidents
- $670K added for organizations with high shadow AI usage
- 65% of shadow AI breaches involved customer PII
- 40% involved intellectual property
- Detection and containment times were a week longer than the global average
AI adoption is outpacing AI governance
Sixty-three percent of breached organizations had no AI governance policy in place. Among those that did, less than half had a formal approval process for AI deployments, and only a third conducted regular audits for unsanctioned AI. Ninety-seven percent of AI-related breaches involved systems without proper access controls.
This governance gap is one of the most fixable risks in the report. Security and compliance teams need to work together to create a unified inventory of AI systems, enforce access policies, and continuously monitor for rogue deployments.
AI access controls are the weak link
- 97% of AI-related breaches involved systems without proper AI access controls
- 31% of authorized AI security incidents resulted in unauthorized access to sensitive data
- 29% led to a loss of data integrity
- 23% caused direct financial loss
AI models are touching critical and regulated data without guardrails. Every one of those instances is a breach cost waiting to happen.
AI in security is a proven cost reducer
Organizations that use AI and automation extensively across the security lifecycle reduced their breach costs by 1.9 million dollars on average and cut incident response times by eighty days. Yet only 32 percent report extensive use, and adoption rates have barely moved from last year.
AI in security is not just a force multiplier for overextended teams, it is a direct cost saver. From automated classification to faster investigation and remediation, the return on investment is proven.
Multi-environment breaches carry higher costs
Thirty percent of breaches involved data spread across multiple environments. These cost an average of $5.05 million and took 276 days to contain – the longest of any breach type. Without unified visibility and controls, hybrid environments become a liability.
Security visibility that stops at a single environment is no longer enough. Modern data lives across public cloud, private cloud, and on-premises systems, and breaches cross those boundaries without friction. Security controls and discovery tools must be able to do the same.
Industry trends: where the stakes are highest
Healthcare remains the most expensive sector for breaches at 7.42 million dollars on average. Financial and industrial organizations also sit well above the global average. For these industries, the combination of regulatory exposure, sensitive customer data, and complex infrastructure means higher stakes and higher costs.
What security leaders can take away
The data is clear on where to focus:
- Find and protect PII everywhere it lives. Customer PII carries the highest cost and the highest risk.
- Get shadow AI under control. Detect it, govern it, and shut it down before it becomes an expensive breach headline.
- Build AI governance into your security program. Treat AI assets like any other high-value system.
- Use AI and automation in security extensively, not sparingly. The cost and speed benefits are proven.
- Secure across environments, not in silos. Breaches will cross boundaries if your tools cannot.
The organizations that win will be those that combine visibility, governance, and automation across their entire data landscape – and that treat AI as both a business opportunity and a business risk that demands control.