Back to all posts

AI Security Gaps Exposed In New IBM Report

2025-08-09Lindsey Wilkinson3 minutes read
AI Security
Cybersecurity
Data Governance

Digital background depicting innovative technologies in AI systems.

Artificial Intelligence applications are rapidly becoming a prime target for cybercriminals, yet enterprise security measures are struggling to keep up. According to an IBM survey conducted with the Ponemon Institute across 600 organizations, a concerning trend is emerging.

While security incidents directly involving AI models remain relatively low, occurring in just 13% of reported breaches, the underlying cause is a major red flag. A staggering 97% of the businesses that did suffer an AI-related incident lacked the proper access controls. This fundamental security failure, often stemming from compromised apps, APIs, or plug-ins, led to much wider data compromise and operational disruption.

At the same time, attackers are weaponizing AI, with about one in six breaches now being driven by AI-powered tools that generate sophisticated phishing attempts or convincing deepfake impersonations.

The Governance Gap Why Businesses Are Unprepared

Despite the clear and present danger, AI adoption is outpacing the implementation of adequate security and governance policies. The IBM report highlights that more than three in five enterprises have either failed to establish AI governance policies or are still in the preliminary stages of developing them.

Even among the organizations that have policies, less than half have an established approval process for new AI deployments or perform regular audits to detect unsanctioned or "shadow" AI. This creates a dangerous blind spot in their security posture.

“The data shows that a gap between AI adoption and oversight already exists, and threat actors are starting to exploit it,” stated Suja Viswesan, VP of Security and Runtime Products at IBM.

The High Cost of Shadow AI

The financial and reputational consequences of this lack of oversight are severe. Approximately one in five enterprises that experienced a data breach traced the root cause to shadow AI.

The global average cost of a data breach is already a steep $4.4 million. However, for companies with high levels of unsanctioned AI, that cost inflates by an additional $670,000. This makes the rise of shadow AI one of the top three most costly factors in a breach, even surpassing the impact of a security skills shortage. Critically, unauthorized AI use was also linked to a higher volume of compromised personally identifiable information (PII) and intellectual property.

“The cost of inaction isn't just financial, it's the loss of trust, transparency and control,” Viswesan warned. Without proactive governance, the immense potential of AI can quickly transform into a significant and costly liability.

Read Original Post

More Blogs

Radu Jude Reinvents Dracula With AI And An iPhone
Georg Szalai

Radu Jude Reinvents Dracula With AI And An iPhone

Romanian director Radu Jude discusses his new film Dracula, which uses AI, an iPhone, and provocative storytelling to deconstruct the famous myth. The film, premiering at Locarno, blends pop culture, politics, and a tribute to cinema itself.

Dracula
Filmmaking
Artificial Intelligence
Microsoft Is Building A Sora Style Feed For Copilot
Alexey Shabanov

Microsoft Is Building A Sora Style Feed For Copilot

Microsoft is internally testing a new Creator Gallery feature in Copilot. This Sora-style feed will let users browse, like, and remix AI generated images and videos, creating a central hub for creative media.

Microsoft
Copilot
Generative AI
Ready to Create Amazing AI Art?
Experience the power of AI image generation with our professional tools and API
Midjourney APITry Our Web App
ImaginePro newsletter

Subscribe to our newsletter!

Subscribe to our newsletter to get the latest news and designs.