Global Data Breach Costs Drop for the First Time in 5 Years, Driven by AI and Automation
In a significant shift, the 2025 Cost of a Data Breach Report reveals that the average global cost of a data breach has declined by 9%, settling at $4.44 million—the first drop in five years. The driving factor? Increased adoption of AI and automation has drastically improved breach detection and containment speeds.
However, while this global average signals a step forward, regional disparities remain, and new challenges such as the AI Oversight Gap are emerging as major risk factors.
U.S. Data Breach Costs Rise to $10.22 Million Amid Higher Fines
While the global trend is positive, the United States saw a 9% increase in data breach costs, with the average breach costing $10.22 million in 2025. This is the highest ever recorded in the U.S., fueled by regulatory penalties, increased detection costs, and a more complex threat landscape.
AI Oversight Gap: The Hidden Risk in AI Adoption
One of the most alarming trends highlighted in the report is the AI Oversight Gap—a growing issue where organisations are deploying AI without proper security protocols.
- 97% of organisations that suffered an AI-related breach lacked adequate access controls.
- 63% of breached organisations either don’t have an AI governance policy or are still working on one.
- Breaches involving shadow AI (unapproved AI tools) cost an additional $670,000 on average.
As more businesses turn to AI for operational efficiency, lax governance is becoming a costly vulnerability.
Attackers Are Using AI Too: Deepfakes and Phishing on the Rise
The report also notes a surge in AI-powered attacks:
- 16% of all breaches involved some form of AI use by attackers
- AI-generated phishing was linked to 37% of AI-related breaches
- Deepfake impersonation attacks accounted for 35%, posing new identity verification challenges
This trend highlights the need for businesses to not only use AI for defence, but also prepare for AI-driven offence.
Ransomware Still a Major Threat at $5.08 Million per Attack
Although overall breach costs are down, ransomware remains a high-cost threat, averaging $5.08 million per incident.
Key 2025 ransomware trends include:
- 63% of organisations now refuse to pay ransoms, up from 59% in 2024
- Fewer firms are involving law enforcement, with involvement dropping from 53% to 40%
This shift indicates a growing preference for internal resolution, possibly to avoid reputational damage or regulatory scrutiny.
Healthcare Sector Remains Most Affected at $7.42 Million per Breach
For the 14th consecutive year, the healthcare industry has the highest average data breach cost, reaching $7.42 million.
This is largely due to the high value of stolen patient personally identifiable information (PII). Other findings:
- Customer PII is the most commonly compromised data type
- Intellectual property is the most expensive, costing $178 per record
Most Expensive Attack Vectors: Malicious Insiders and Phishing
According to the report, malicious insider threats are once again the most expensive initial attack vector, with an average cost of $4.92 million.
Meanwhile, phishing remains the most frequent vector, accounting for 16% of all breaches and costing $4.8 million per incident.
Post-Breach Security Spending Declines
Despite the clear risks, fewer companies are strengthening their defences post-breach:
- Only 49% of breached organisations plan to invest in security, down from 63% in 2024
- Among those, fewer than half are planning to invest in AI-driven security tools
This indicates a potential disconnect between threat awareness and action—one that could reverse the current downward trend in breach costs.
Conclusion: AI Is Helping, But Governance Is Critical
The 2025 data breach landscape shows that AI and automation are making a positive impact—but without strong governance, they can just as easily become liabilities. As cyber threats evolve, companies must prioritise AI oversight, enhance security investments, and prepare for AI-powered threats from both sides of the battlefield.