Key Takeaways:
- The average cost of a U.S. data breach reached $10.22 million in 2025, the highest recorded, despite global breach costs decreasing.
- IBM’s annual report cites “shadow AI”—unsanctioned or unmonitored AI usage by employees—as a factor in one in five breaches.
- Organizations that suffered AI-related incidents often lacked AI governance policies or access controls.
- Attackers are increasingly using AI themselves, including deepfakes and AI-generated phishing.
- Companies leveraging AI and automation in defense saw shorter breach lifecycles and $1.9 million in cost savings on average.
The cost of a data breach in the United States has climbed to a new high of $10.22 million in 2025, according to IBM’s latest annual “Cost of a Data Breach Report.” While the global average breach cost decreased for the first time in years, the U.S. continues to buck the trend. The report attributes much of the domestic increase to emerging risks associated with artificial intelligence—specifically, unauthorized use of generative AI applications by employees, known as shadow AI.
Shadow AI is quickly becoming one of the most pressing challenges for corporate security teams. With employees using tools like ChatGPT, Gemini, and custom AI copilots to increase productivity, many organizations have failed to implement governance controls, training, or visibility mechanisms. The result: sensitive data is leaking, AI-generated code is being misused, and malicious actors are exploiting unmanaged models.
U.S. Breach Costs Surpass $10 Million
In IBM’s survey of more than 550 breaches across 16 industries and 17 countries, the U.S. once again topped the chart. The $10.22 million average breach cost in 2025 represents a roughly 9% increase from the prior year. The financial strain was particularly acute in healthcare, where the average breach cost climbed even higher due to extended lifecycles and the value of patient data.
In contrast, the global average dropped to $4.45 million—a 9% decline—marking the first such reduction in five years. Improvements in detection speed and containment, largely aided by increased automation and AI integration in cyber defenses, contributed to this global progress. However, the U.S. continues to face escalating regulatory penalties and legal fees, which amplify the cost of post-breach recovery.
Shadow AI: Emerging Threat from Within
One of the report’s standout findings is the surge in breaches tied to shadow AI. These are incidents triggered by employees using generative AI tools without IT oversight or security controls. In 2025, 21% of all breaches studied by IBM involved some element of shadow AI, and these breaches incurred an average of $670,000 more in damages than others.
In many of these cases, employees uploaded proprietary data into generative AI tools for coding assistance, document summarization, or creative tasks, inadvertently exposing confidential information to third parties. In others, teams built internal tools using unsecured open-source models, which were later exploited or leaked.
IBM’s research shows that 97% of the companies affected by AI-related breaches had no formal AI access controls in place at the time of the incident. Nearly two-thirds lacked a documented AI governance policy altogether. These oversights left many organizations blind to what models were in use, what data was flowing through them, and what security implications existed.
The Rise of AI-Augmented Attacks
Adding to the complexity, attackers are also turning to AI to enhance their offensive capabilities. Sixteen percent of all breaches examined in IBM’s report involved some form of AI-enhanced technique. Of those, 37% relied on AI-generated phishing emails, while 35% used deepfake impersonation for social engineering.
These techniques enable attackers to increase the realism, speed, and scale of their campaigns. A single attacker can now craft thousands of personalized phishing messages using AI-driven tools in minutes, bypassing traditional filters and luring victims into disclosing credentials or installing malware.
Meanwhile, deepfakes—used to impersonate executives or trusted vendors—are undermining once-reliable authentication processes. The report noted at least one breach in which a fraudulent voice message, generated using publicly available AI, convinced a finance executive to transfer funds to a criminal account.
AI as Both Risk and Remedy
While AI presents new risks, it also offers promising defense capabilities. Organizations that incorporated AI-powered tools into their detection and response efforts reported significantly improved outcomes. On average, these companies reduced breach lifecycle times by 80 days and saved $1.9 million in breach-related costs compared to organizations without such tools.
Effective applications include AI-assisted anomaly detection, predictive modeling, behavioral analytics, and threat prioritization. However, only one-third of surveyed organizations reported using AI across their full security lifecycle. Many still deploy AI in isolated functions—such as endpoint protection or log monitoring—rather than as part of an integrated security stack.
The findings suggest that security gains are closely tied to the maturity of an organization’s AI adoption and governance. Without structured access policies, training programs, and compliance checks, even advanced tools can introduce more problems than they solve.
Governance, Not Just Tech, Is the Fix
The report emphasizes that managing AI risk is less about banning tools and more about governing them. To that end, IBM recommends that organizations:
- Develop and enforce AI usage policies with clear boundaries and approved use cases.
- Monitor internal use of AI tools through network traffic analysis and endpoint telemetry.
- Implement access controls for model usage, data input, and model sharing.
- Educate employees on acceptable AI use and the risks of unapproved tools.
- Assign leadership responsibility—such as a Chief AI Officer or cross-functional committee—to oversee AI compliance and incident response.
The report also suggests embedding AI usage into existing risk management frameworks. Treating AI models like any other critical application—with vulnerability management, version control, and auditing—can help prevent many of the issues that shadow AI introduces.
Industry Implications
IBM’s findings highlight a growing divide: companies that embrace AI thoughtfully and securely are reducing risk and improving outcomes, while those that adopt AI carelessly or without oversight are inadvertently expanding their attack surface.
In the year ahead, regulatory scrutiny of AI governance is expected to increase, especially in sectors like finance, healthcare, and critical infrastructure. Cyber insurance underwriters may also begin factoring AI risk maturity into their pricing and coverage decisions.
For CISOs, the message is clear: the AI genie is out of the bottle. Banning tools is ineffective and counterproductive. Securing them, however, is achievable—and now essential.
Learn how AI Agents can supercharge your company’s profits and productivity at TMC’s AI Agent Event, Sept 29-30, 2025 in DC.
If you liked this post, you’ll love one of the the leading global business communications and technology events since 1999, the ITEXPO #TECHSUPERSHOW, Feb 10-12, 2026 Fort Lauderdale, Florida.
Don’t forget the collocated MSP Expo – just for managed service providers!
Aside from his role as CEO of TMC and chairman of ITEXPO #TECHSUPERSHOW Feb 10-12, 2026, Rich Tehrani is CEO of RT Advisors and a Registered Representative (investment banker) with and offering securities through Four Points Capital Partners LLC (Four Points) (Member FINRA/SIPC). He handles capital/debt raises as well as M&A. RT Advisors is not owned by Four Points.
The above is not an endorsement or recommendation to buy/sell any security or sector mentioned. No companies mentioned above are current or past clients of RT Advisors.
The views and opinions expressed above are those of the participants. While believed to be reliable, the information has not been independently verified for accuracy. Any broad, general statements made herein are provided for context only and should not be construed as exhaustive or universally applicable.
Portions of this article may have been developed with the assistance of artificial intelligence, which may have contributed to ideation, content generation, factual review, or editing






