Cost of a Data Breach

Cost of a Data Breach Report 2025: The AI Oversight Gap
IBM Institute for Business Value · 2025-08-21 01:21
Investment Rating
- The report does not explicitly provide an investment rating for the industry [1].

Core Insights
- The report highlights the increasing risks associated with AI systems, particularly due to the lack of regulatory oversight and security governance, leading to significant financial losses from data breaches [2][3].

Summary by Sections

Executive Summary
- The report marks the 20th anniversary of data breach research, focusing on the impact of AI technology and the associated risks [2].
- It emphasizes that many companies are prioritizing rapid deployment of AI over security governance, making them more vulnerable to attacks [2].

Key Findings
- The global average cost of a data breach is $4.44 million, down from $4.88 million in 2024, a decrease of 9% [3].
- The decline in costs is attributed to improved incident detection and response times, aided by AI and automation technologies [3].
- In the U.S., the average cost of a data breach has increased by 9% to $10.22 million, primarily due to rising regulatory fines and detection costs [3].
- AI-related security incidents account for 13% of reported breaches, with 97% of these incidents lacking proper access controls [4].
- The average cost of malicious insider attacks is $4.92 million, with third-party vendor and supply chain attacks closely following at $4.91 million [4].

Recommendations
- The report suggests five effective strategies to prevent data breaches and reduce associated costs, focusing on strengthening identity security for both human and machine users [5][6].
- It emphasizes the need for robust identity access management (IAM) to address vulnerabilities that attackers exploit [6].
- The report advocates for lifecycle governance of credentials to mitigate risks of credential misuse [7].