A new report from IBM highlights the complex and contradictory role of artificial intelligence in today’s cybersecurity landscape, revealing that AI is simultaneously a major force for both attackers and defenders. The annual “Cost of a Data Breach Report” found that while AI-powered attacks are making breaches faster and more costly, extensive use of AI for security purposes is dramatically reducing breach lifecycles and expenses.
The report, which analyzed breaches between March 2024 and February 2025, notes that attackers are increasingly leveraging AI tools. A significant portion of breaches studied involved the use of AI for activities like phishing and deepfake impersonation attacks. This marks a new era where malicious actors can automate and scale sophisticated attacks with unprecedented speed, making them harder to detect with traditional security measures.
A particular area of concern highlighted in the report is “shadow AI.” This refers to AI tools and applications used within an organization without proper security oversight and governance. The study found that one in five organizations experienced a breach due to security issues with shadow AI, and these breaches were, on average, more expensive than others. The lack of basic access controls for AI systems was a recurring vulnerability, with 97% of organizations experiencing an AI-related breach lacking these fundamental safeguards.
However, the news is not all grim. The report also presents compelling evidence that organizations embracing AI for their security operations are reaping significant benefits. Companies that extensively deployed AI and automation throughout their security workflows saw an average savings of $1.9 million in breach costs and a reduction of 80 days in the breach lifecycle. These tools are proving to be effective in everything from proactive threat detection and attack surface management to automating incident response, allowing human analysts to focus on more complex tasks.
The findings underscore a crucial takeaway: the rush to adopt AI for business operations without a parallel commitment to securing these new technologies is creating a significant and costly risk. The report effectively paints a picture of a technological arms race, where both sides are using AI, but the advantage lies with those who proactively and intelligently integrate it into their defensive strategies.
![Online Scam Cases Continue to Rise Despite Crackdowns on Foreign Fraud Networks [Myanmar]](https://sumtrix.com/wp-content/uploads/2025/06/30-12-120x86.jpg "Online Scam Cases Continue to Rise Despite Crackdowns on Foreign Fraud Networks [Myanmar]")
