
AI-enabled security pushes down breach costs for UK organisations
Organisations that are incorporating AI and automation into their cyber security practice are seeing improved outcomes when incidents occur, according to an IBM study
British organisations that have incorporated artificial intelligence (AI)-enabled solutions into their cyber security stack appear to be reaping the rewards of automation from a cost perspective at least, as data breach costs drop by hundreds of thousands of pounds.
This is according to the UK-specific cut of IBM’s latest annual Cost of a data breach report, released this week, which found that even though less than one-third of UK organisations have deployed AI-enhanced security, overall average data breach costs for those that have came in at £3.11m per annum, compared to £3.78m for those that had not.
The 2025 report, compiled on IBM’s behalf by the Ponemon Institute, surveyed more than 600 organisations and interviewed around 3,500 people worldwide that had experienced a breach in the period between March 2024 and March 2025. Approximately 8% of respondents are UK-based.
Elaine Hanley, partner at IBM cyber security services for the UK and Ireland, described AI as a massive benefit to defenders: “Organisations that are using AI-based threat detection and threat response are massively more effective than organisations that aren’t. But the negative side is that attackers are using AI. It’s a race where you’ve got threat actors using AI and being much more effective with it, then you’ve got the defenders at the organisation using AI to spot that faster.”
The IBM survey found that UK organisations making use of security AI and automation are able to identify and contain cyber attacks much more quickly. Its data reveal that mean time to identify (MTTI) a breach at an AI-powered organisation was 148 days, and mean time to contain (MTTC) was 42 days, down from 168 and 64 days respectively at organisations relying on traditional methods.
Running to catch up
The benefits of AI-powered security may be evident, but IBM also found that UK organisations are struggling to keep up when it comes to implementing AI-specific security policies.
For example, 63% of UK-based respondents said they did not have AI access controls in place to reduce the risks associated with potential cyber attacks against AI models or applications. Only 31% of UK-based respondents had governance policies in place to properly manage wider unsanctioned use of so-called shadow AI by their staff.
“IBM’s report shows a clear trend that AI technologies continue to be a great tool, not just for productivity but also for security purposes,” said Matthew Evans, chief operating officer and director for markets at TechUK.
“However, AI alone is not the answer – as data breaches become faster and smarter, people and organisations need the proper tools and skills to use AI in the right way to protect themselves. Lifelong learning in the form of courses, training, and certifications can make the difference in supporting organisations and their employees in protecting themselves from costly data breaches,” he said.
DevSecOps, SIEM, as important as AI
But this is not to say that AI is the only significant investment that defenders need to be making. The report also outlined that organisations paying proper attention to best practice around DevSecOps saw similar impacts to their breach costs, while spending on security analytics and security information and event management (SIEM) also had an effect, although a slightly less valuable one.
Breach costs were pushed up at organisations that were experiencing large-scale use of shadow AI technology. Those that had more complexity in their overall security stack, and those that were failing to properly account for risks arising through their supply chains, were also seeing increased costs. Among surveyed UK organisations, third-party supplier and supply chain compromises were the most commonly identified breach causes, ahead of phishing and credential theft.
“It’s not just about how good your security is,” said Hanley. “You need to look at third-party risk management and look at all the people that you’re interacting with digitally, and make sure that they care as much as you do about security.”
Worldwide findings
More widely, the IBM report found that global average costs are falling in line with the UK, down to $4.44m (£3.32m) on average, the first decline since 2020.
There were other encouraging trends to emerge in the data. For example, more organisations are now feeling empowered to push back against ransomware demands, with 63% opting not to pay compared to 59% last year.
However, perhaps more worryingly, the IBM data also reveal that post-breach investment plans seem to be stalling – with only 49% of breached respondents saying they planned to spend more on cyber security, compared to 63% last year.