What does IBM's 2025 Cost of a Data Breach Report reveal about the AI governance gap?

IBM and the Ponemon Institute just released their 20th annual Cost of a Data Breach Report, and the findings point to a problem that's growing faster than most security teams can address: organizations are deploying AI at scale without the governance, access controls, or visibility needed to secure it.

These findings mirror what security teams see across SaaS and AI platforms every day: sensitive data moving faster than traditional oversight can follow. Vorlon’s Unified SaaS and AI Security platform helps organizations close that gap with continuous visibility across every connected tool and AI agent.

The numbers are stark. While global breach costs dropped to $4.44 million, largely due to faster AI-powered detection and response, the report reveals a dangerous pattern. The same AI tools that help defenders are creating new attack surfaces that most organizations can't see, let alone control.

What's the core finding of the IBM report?

97% of organizations that experienced an AI-related security incident lacked proper AI access controls.

That's not a typo. Nearly every organization hit by an AI-related breach had failed to implement basic access controls for their AI tools and models. These weren't sophisticated zero-day exploits or nation-state actors. They were organizations skipping fundamental security practices when deploying AI.

The second number is just as concerning: 63% of breached organizations either don't have AI governance policies or are still developing them. Only 37% have established governance frameworks, and even among that group, implementation varies widely.

After two decades of tracking data breaches across 6,485 incidents and 34,652 interviews, the IBM research shows a clear shift. In 2025, the threat landscape has moved toward complex, multi-vector attacks that exploit the intersection of SaaS applications, APIs, third-party integrations, and AI tools. The attack surface has expanded dramatically, but visibility and control haven't kept pace.

Establishing clear access boundaries for both human and non‑human identities is now a baseline security requirement. Vorlon’s SaaS Ecosystem Security Platform enforces least‑privilege access and automatically revokes risky tokens or permissions before they become exploits.

Key Facts

AI & SaaS Breach Insights

  • 97% of organizations with an AI‑related breach lacked appropriate access controls.
  • 63% are operating without formal AI governance frameworks.
  • Average global cost per breach in 2025: $4.44 million.
  • 68% YoY increase in third‑party and SaaS‑related breaches (Verizon DBIR).

How many organizations have AI governance policies?

According to IBM’s Cost of a Data Breach report, only 37% of organizations have established AI governance policies. The remaining 63% are operating without formal frameworks to manage AI risk.

The gap between having a policy and implementing comprehensive controls is significant. Even organizations with governance frameworks struggle with one critical challenge: discovering and monitoring AI tools that employees adopt without IT or security approval.

This is where automated discovery becomes essential. Vorlon addresses this by continuously scanning your SaaS ecosystem to identify connections to unauthorized AI tools, agents, and copilots. Without automated detection, security teams must manually track down AI deployments across hundreds of applications, a process that can't scale with the speed of AI adoption.

The IBM data shows that organizations conducting regular audits for unsanctioned AI represent only 34% of those with governance policies. That means roughly 13% of all organizations are actively looking for shadow AI. The other 87% either aren't looking or don't have the tools to find it.

Effective AI governance starts with knowing what’s connected. Vorlon’s SaaS Ecosystem Visibility Layer automatically maps AI tools, APIs, and data flows—giving compliance and security teams a full view of their environment in hours, not weeks.

What happens when organizations skip AI access controls?

When organizations deploy AI without proper access controls, the consequences show up across multiple attack types:

Most common AI security incidents:

  • Supply chain compromise: 30% (compromised apps, APIs, or plug-ins)
  • Model inversion: 24%
  • Model evasion: 21%
  • Prompt injection: 17%
  • Data poisoning: 15%

Supply chain compromise leads the list because AI tools integrate deeply with existing SaaS applications and data sources. An attacker who compromises an AI agent or copilot gains access to everything that tool can reach, which often includes sensitive data across multiple applications.

Supply‑chain intrusion and unauthorized SaaS‑to‑AI data sharing are among the hardest threats to detect manually. With Vorlon’s Data‑Centric SaaS Security, organizations can continuously monitor sensitive data movement across connected SaaS and AI services, catching anomalies before they escalate.

Impact of AI security incidents:

  • Operational disruption: 31%
  • Unauthorized access to sensitive data: 31%
  • Loss of data integrity: 29%
  • Reputational damage: 17%

The operational and data access impacts tie at 31%, highlighting how AI breaches create dual problems: they disrupt business operations while simultaneously exposing sensitive information.

This is where unified access governance becomes critical. Traditional identity and access management (IAM) systems were built for human users. They struggle to handle non-human identities like AI agents, service accounts, and API tokens that move data autonomously across applications.

Vorlon addresses this by treating human and AI identities with equal rigor. The platform tracks which AI tools have access to what data, monitors behavioral patterns to detect anomalous activity, and provides visibility into cross-application data flows that traditional IAM systems miss.

Caution

Shadow AI = Hidden Exposure

Shadow AI tools often inherit permissions from legitimate apps. Without oversight, each unsanctioned integration becomes a path for data exfiltration and policy violations. Continuous discovery and revocation are critical to prevent cascading SaaS‑to‑AI breaches.

How much does shadow AI add to breach costs?

IBM reports that 20% of organizations suffered a breach due to shadow AI: unsanctioned AI tools used without employer approval or oversight.

The cost impact is significant: $670,000 more compared to organizations with low levels of shadow AI or none at all.

But the financial cost is only part of the problem. Shadow AI breaches compromise more sensitive data types:

  • 65% involved customer PII (vs. 53% global average)
  • 40% involved intellectual property (vs. 33% global average)
  • 62% involved data stored across multiple environments

The multi-environment aspect creates particular challenges. When shadow AI tools connect to data across cloud services, on-premises systems, and SaaS applications, security teams lose visibility into where sensitive information flows. The average time to identify and contain breaches involving multiple environments is 276 days, the longest of any storage scenario.

This detection gap is exactly what Vorlon's sensitive data flow mapping addresses. The platform tracks data movement across the entire SaaS and AI ecosystem, creating visibility into flows that traditional security tools miss. When an unauthorized AI tool starts moving customer PII or intellectual property, the system flags it in real time rather than waiting for manual discovery or attacker disclosure.

The DataMatrix™ technology underlying Vorlon's platform maps relationships between applications, data stores, identities (human and non-human), and AI tools. This creates a comprehensive view of how information moves through shadow AI channels, the kind of visibility that reduces the 276-day detection timeline for multi-environment breaches.

Are attackers using AI faster than defenders can respond?

According to IBM, 16% of data breaches involved attackers using AI, primarily for:

  • AI-generated phishing campaigns: 37%
  • Deepfake impersonation attacks: 35%

Attackers are using AI to compress attack timelines. What used to take hours of manual work (crafting convincing phishing emails, researching targets, creating fake credentials) now happens in minutes. Deepfake technology has advanced to the point where voice and video impersonations can bypass traditional verification methods.

But defenders are also using AI, and the cost impact is substantial. Organizations using AI and automation extensively in security:

  • Reduced breach costs by $1.9 million
  • Shortened breach identification and containment by 80 days

The question isn't whether to use AI in security. It's whether your AI adoption is keeping pace with attackers. The IBM data shows that 77% of security teams are adopting AI at the same pace or faster than other business functions, with 34% more advanced in adoption than the rest of the business.

Vorlon's AI-to-SaaS integration monitoring provides visibility into how AI tools interact with applications and data. This matters because attackers increasingly target AI integrations rather than the applications themselves. By monitoring API calls, data access patterns, and integration behaviors, the platform detects when AI tools are being used in ways that deviate from established baselines.

Detection and Response Tips

  • Baseline API traffic to identify AI‑driven anomalies faster.
  • Integrate SIEM + SOAR workflows to triage incidents automatically.
  • Enforce least‑privilege scopes for every AI agent, key, or token.
  • Audit AI and SaaS integrations regularly to spot shadow tools early.
  • Correlate behavioral data between human and AI identities to detect misuse.
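Two of these tips, baselining API traffic per identity and enforcing least-privilege scopes for every agent or token, can be illustrated in a few dozen lines. The Python below is an added example written for this post; it is not Vorlon's code and not from the IBM report. The audit-log fields, identity names, scopes, and byte counts are all constructed for illustration. It learns, per service token, which app/data-class pairs and read volumes are normal during a baseline window, then flags new pairs (scope drift) and volume spikes in a later window, and lists granted scopes that were never exercised.

```python
"""Baseline non-human identity activity and flag deviations.

Added example (not Vorlon's or IBM's code). The log layout, identity names,
scopes and numbers are assumptions made up for this illustration.
"""
from collections import defaultdict
import statistics

# Constructed audit records: (timestamp, identity, app, data_class, bytes_read, scope_used).
# Baseline window: what each AI agent / service token normally touches.
BASELINE_EVENTS = [
    ("2025-08-01T09:00Z", "svc-ai-copilot", "crm", "customer_pii", 1200, "crm.read"),
    ("2025-08-01T10:00Z", "svc-ai-copilot", "crm", "customer_pii", 1350, "crm.read"),
    ("2025-08-01T11:00Z", "svc-ai-copilot", "crm", "customer_pii", 1100, "crm.read"),
    ("2025-08-01T12:00Z", "svc-ai-copilot", "crm", "customer_pii", 1250, "crm.read"),
    ("2025-08-01T09:05Z", "svc-ticket-bot", "itsm", "ticket_text", 400, "itsm.read"),
    ("2025-08-01T10:05Z", "svc-ticket-bot", "itsm", "ticket_text", 420, "itsm.read"),
    ("2025-08-01T11:05Z", "svc-ticket-bot", "itsm", "ticket_text", 380, "itsm.read"),
]

# Evaluation window (constructed): one normal read, one bulk pull, one read from a
# repository the copilot never touched before, and one normal ticket-bot read.
NEW_EVENTS = [
    ("2025-08-02T09:00Z", "svc-ai-copilot", "crm", "customer_pii", 1300, "crm.read"),
    ("2025-08-02T09:10Z", "svc-ai-copilot", "crm", "customer_pii", 48000, "crm.read"),
    ("2025-08-02T09:20Z", "svc-ai-copilot", "docs", "intellectual_property", 900, "docs.read"),
    ("2025-08-02T09:30Z", "svc-ticket-bot", "itsm", "ticket_text", 410, "itsm.read"),
]

# Scopes granted to each token (constructed), compared against scopes actually used.
GRANTED_SCOPES = {
    "svc-ai-copilot": {"crm.read", "crm.write", "docs.read", "hr.read"},
    "svc-ticket-bot": {"itsm.read", "itsm.write"},
}


def build_baseline(events):
    """Per identity: (app, data_class) pairs seen, byte-volume stats, scopes used."""
    pairs = defaultdict(set)
    volumes = defaultdict(list)
    scopes = defaultdict(set)
    for _ts, ident, app, data_class, nbytes, scope in events:
        pairs[ident].add((app, data_class))
        volumes[ident].append(nbytes)
        scopes[ident].add(scope)
    baseline = {}
    for ident, vols in volumes.items():
        mean = statistics.fmean(vols)
        stdev = statistics.pstdev(vols) if len(vols) > 1 else 0.0
        baseline[ident] = {"pairs": pairs[ident], "mean": mean,
                           "stdev": stdev, "scopes": scopes[ident]}
    return baseline


def detect(events, baseline, sigma=3.0):
    """Return (timestamp, identity, finding_type, detail) for each deviation."""
    findings = []
    for ts, ident, app, data_class, nbytes, _scope in events:
        b = baseline.get(ident)
        if b is None:
            # A token with no history at all is itself worth a look (possible shadow integration).
            findings.append((ts, ident, "unknown_identity", f"{app}/{data_class}"))
            continue
        if (app, data_class) not in b["pairs"]:
            findings.append((ts, ident, "scope_drift", f"{app}/{data_class}"))
        # Floor the spread at 10% of the mean so a flat baseline does not flag every event.
        spread = max(b["stdev"], 0.1 * b["mean"])
        if nbytes > b["mean"] + sigma * spread:
            findings.append((ts, ident, "volume_anomaly",
                             f"{nbytes} bytes vs mean {b['mean']:.0f}"))
    return findings


def unused_scopes(baseline, granted):
    """Granted-but-never-used scopes per identity: candidates for least-privilege revocation."""
    return {ident: sorted(scopes - baseline.get(ident, {}).get("scopes", set()))
            for ident, scopes in granted.items()}


if __name__ == "__main__":
    base = build_baseline(BASELINE_EVENTS)
    for finding in detect(NEW_EVENTS, base):
        print("FINDING", *finding)
    for ident, extra in unused_scopes(base, GRANTED_SCOPES).items():
        print("REVOKE CANDIDATES", ident, extra)
```

On the constructed data the detector reports one volume anomaly and one scope-drift event for `svc-ai-copilot`, and lists `crm.write`, `docs.read` and `hr.read` as granted scopes the copilot never used in the baseline window. In practice the baseline window should be long enough to cover legitimate periodic jobs, and scope-drift findings are best correlated with the human identity that authorized the integration before access is revoked.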

Which industries and regions are hit hardest by AI-related breaches?

Industries

Healthcare leads for the 12th consecutive year in the IBM Cost of a Data Breach report:

  • Average breach cost: $7.42 million
  • Average time to identify and contain: 279 days

The healthcare sector's consistently high costs stem from the sensitivity of medical records, strict regulatory requirements (HIPAA), and the operational impact of breaches on patient care. The 279-day timeline is particularly concerning. That's more than nine months from initial compromise to containment.

Other high-cost industries:

  1. Financial: $5.56 million
  2. Industrial: $5.00 million
  3. Energy: $4.83 million
  4. Technology: $4.79 million

The technology sector's $4.79 million average is notable because these organizations typically have more mature security programs. Yet they're still seeing breach costs above the global average, suggesting that technical sophistication alone doesn't eliminate risk, particularly when AI tools create new attack surfaces.

How are organizations reducing breach costs with AI?

Organizations reducing costs with AI have integrated it into their security operations: SIEM, threat detection, incident response. They're using AI to process massive volumes of security data, identify patterns humans would miss, and respond faster than manual processes allow.

Organizations increasing costs are adopting AI tools across the business without extending security controls, visibility, or governance to those deployments.

This is where platform integration becomes critical. Vorlon integrates with existing SIEM and SOAR solutions (Splunk, Google SecOps, ServiceNow, Sumo Logic, and more) to feed SaaS and AI security data into the tools security teams already use. Rather than creating another siloed dashboard, the platform enriches existing workflows with visibility into the SaaS ecosystem.

The IBM data also highlights regulatory exposure: 32% of breaches resulted in regulatory fines, with 48% of those fines exceeding $100,000. Organizations need to prove they have visibility and control over sensitive data, including data accessed by AI tools. Vorlon's audit trails and data flow maps provide the documentation auditors and regulators require.

What should security teams do to secure environments using AI?

IBM's report includes five expert recommendations. Here's how they map to specific actions and capabilities:

1. Elevate AI data security practices

The problem: 97% of organizations with AI-related incidents lacked proper access controls.

What to do:

  • Implement data discovery and classification
  • Enforce strong access controls for AI tools
  • Deploy encryption and key management
  • Use data and AI security services

How Vorlon helps: Sensitive data mapping tracks which AI tools have access to what data across the SaaS ecosystem. The platform classifies data by sensitivity level and maps flows in real time, creating visibility into which AI agents, copilots, and integrations touch customer PII, intellectual property, or regulated data.

2. Use AI security tools and automation to move faster

The problem: Attackers use AI to create deepfakes and phishing campaigns in minutes instead of hours.

What to do:

  • Deploy AI-powered threat detection and hunting
  • Implement automated response capabilities
  • Use managed security services with AI capabilities
  • Reduce alert volume through intelligent filtering

How Vorlon helps: Real-time alerting and automated response capabilities detect anomalies in AI and SaaS behavior and trigger immediate action: revoking access, recommending when to quarantine, or initiating incident response workflows. The 80-day reduction in breach timelines for organizations using AI extensively shows the impact of automation.

3. Fortify identities, both human and machine

The problem: Many organizations have lax access controls, over-permissioned accounts, and low visibility into access.

What to do:

  • Implement phishing-resistant authentication (passkeys)
  • Apply IAM rigor to AI agents and non-human identities
  • Enforce credential lifecycle management
  • Monitor non-human identity behavior
  • Distinguish between managed and unmanaged credentials

How Vorlon helps: AI identities are treated with the same rigor as human identities. With behavioral analytics for AI agents, organizations can monitor how AI tools use their access and detect when agents deviate from established patterns. This addresses the supply chain compromise risk (30% of AI security incidents) by flagging when AI tools start behaving like compromised accounts.

4. Connect security for AI and governance for AI

The problem: 63% of breached organizations lack AI governance policies.

What to do:

  • Ensure collaboration between CISOs, CROs, and CCOs
  • Invest in integrated security and governance software
  • Automatically discover and govern shadow AI
  • Gain visibility into all AI deployments
  • Use observability tools for compliance and anomaly detection

How Vorlon helps: The unified platform approach connects security visibility with governance requirements. Vorlon automatically identifies unauthorized AI tools, and its DataMatrix™ technology maps relationships between applications, data, identities, and AI deployments. This eliminates the risks that exist when security and governance operate separately.

5. Improve resilience

The problem: Breaches are inevitable. Organizations must minimize damage and recover quickly.

What to do:

  • Regularly test incident response plans
  • Practice backup restoration
  • Define clear crisis response roles
  • Limit high-level access
  • Conduct cyber range simulation exercises
  • Plan for detection, containment, and rapid recovery

How Vorlon helps: The platform's integration with SIEM, SOAR, and ITSM solutions (Splunk, ServiceNow, Jira, and more) means SaaS and AI security data feeds directly into incident response workflows. When a breach involves AI tools or SaaS integrations, security teams have the context they need (data flow maps, access histories, behavioral baselines) to contain the incident faster. The IBM data shows that breaches identified by internal security teams cost $4.18 million versus $5.08 million when disclosed by attackers. Faster detection and response directly reduces financial impact.

AI is both the biggest risk and the biggest opportunity

The IBM 2025 Cost of a Data Breach Report makes one thing clear: AI is simultaneously the biggest risk and the biggest opportunity in cybersecurity. Organizations that deploy AI without governance, access controls, or visibility are seeing breach costs increase by hundreds of thousands of dollars. Organizations that use AI intentionally for security operations are saving nearly $2 million per breach and resolving incidents 80 days faster.

The difference comes down to visibility and control. Security teams can't protect what they can't see, and most organizations can't see their AI deployments, especially the shadow AI tools employees adopt without approval. The 97% of AI-related breaches that involved missing access controls weren't sophisticated attacks. They were preventable failures in basic security hygiene.

The organizations that will reduce breach costs in 2025 and beyond are those treating AI security and governance as urgent operational requirements, not future projects.
