Managed Backup
Disaster Recovery
Storage Management
Cyber Recovery
CopyAssure
Software Licensing
Managed License Compliance
Software Asset Management
Managed SIEM
Exposure Management
MXDR
MDR
Security Consultancy
Incident Response
Infrastructure Modernisation
Cloud Optimisation
Datacentre Services
Hybrid Cloud
Cyber Security
Zero Trust - Celerity Limited
Secure your data, eliminate risk and harness the power of Zero Trust.
Artificial Intelligence (AI) is redefining modern cybersecurity, unlocking new efficiencies in breach detection, response, and overall risk reduction. Yet, as organisations race to deploy AI-driven controls, a gap is emerging between rapid adoption and robust governance. Without disciplined oversight, even the most advanced defences can introduce unforeseen vulnerabilities, underscoring the need for technical leadership and accountable frameworks as AI becomes integral to business resilience.
In this blog, we explore the headline findings from the IBM Cost of a Data Breach Report 2025, with a specific focus on how AI is influencing breach costs, threat trends, and the critical importance of responsible deployment.
Key Insights at a Glance
-
The global average cost of a data breach has dropped 9% to $4.44 million, the first decline in five years.
-
AI and automation are credited with driving faster breach detection and reducing containment time.
-
16% of breaches involved AI used by attackers, including phishing and deepfake impersonation.
-
Poor governance added an average of $670,000 to the cost of a data breach.
-
97% of AI-related incidents occurred in organisations lacking proper AI governance or access controls.
AI: A Force for Good When Governed Properly
The report underscores the complex role that AI now plays in cybersecurity. Leading organisations are harnessing AI and automation to achieve faster breach detection, more efficient containment, and measurable cost reductions. At the same time, adversaries are rapidly leveraging AI to amplify the scale and sophistication of their attacks.
The report shows 16% of breaches analysed involved AI-powered threats, including the deployment of convincingly tailored phishing emails and deepfake impersonations. These methods enable threat actors to operate at unprecedented speed and scale, posing a significant challenge for security teams.
This evolving threat environment highlights a crucial takeaway: AI’s potential to enhance cyber resilience is only fully realised when its deployment is governed by robust controls, ongoing oversight, and a commitment to industry best practices.
Closing the Oversight Gap
One of the most urgent challenges identified in the 2025 report is the widening gap between rapid AI adoption and the implementation of robust governance. The absence of effective access controls and oversight has left organisations vulnerable, and almost every AI-related security incident stemmed from insufficient safeguards.
This governance shortfall comes at a tangible cost: organisations without structured policies faced, on average, $670,000 higher expenses per data breach than those with well-defined controls.
To mitigate this risk, forward-thinking organisations must place the development of comprehensive AI governance frameworks at the heart of their strategy. This includes establishing clear approval workflows, continuous monitoring, and targeted controls for shadow AI and unauthorised tools. Only through proactive visibility and disciplined oversight can new risks be managed and innovation scaled securely.
Next Steps: Secure Innovation at Scale
To fully realise AI’s promise while reducing risk, organisations need clear governance frameworks and regular oversight. Formal approval for deployments, visibility over shadow AI, and ongoing education are essential for sustainable, secure innovation.
By combining governance, technical controls, and a culture of accountability, organisations can reduce the cost and impact of data breaches while building resilience into every layer of their digital operations.
The IBM Cost of a Data Breach Report 2025 provides detailed benchmarks, industry-specific insights, and practical recommendations for reducing risk and improving response. Whether you're leading IT strategy in healthcare, finance, government, or another critical sector, this report delivers the data you need to make informed decisions about the future of cybersecurity.
