Cost of a Data Breach 2025 – Part 4 (final)

The latest Cost of a Data Breach Report 2025 offers insights not only into breach costs, but also into the ripple effects and factors that make breaches more or less expensive.

1️⃣ Business Disruption

86% of organizations reported operational disruption following a breach.

For incidents involving shadow AI, disruption was even worse – with 44% of cases leading to data compromise, 41% to increased security costs, and 39% to operational slowdowns.

Photo: https://pl.freepik.com/

2️⃣ Factors that Drive Up Costs

The report identified the top cost amplifiers:

Supply chain breaches: +$227K above the average cost.

Security system complexity: +$207K.

Shadow AI: +$200K, making it one of the newest and fastest-growing risks.

3️⃣ Factors that Reduce Costs

On the other side, three practices consistently lowered costs:

DevSecOps adoption: -$227K.

AI ML-driven insights: -$223K.

Security analytics SIEM platforms: -$212K.

4️⃣ Security Investments (Post-Breach)

Only 49% of organizations said they would increase security investment after a breach, compared to 63% last year.

Of those investing, the top areas were: threat detection (43%), data security/protection tools (37%), and incident response planning/testing (35%).

AI-driven security solutions remain strong: 45% plan to adopt them, focusing on threat detection, IR, and data security.

What really stands out to me in this year’s report is how often business disruption is the biggest consequence of a data breach. We often talk about data loss, compliance fines, or reputational damage — but the day-to-day operational impact is where organizations feel the pain most.

I also have to smile wryly at the section on security investments post-breach. Time and again, boards and executives “find” budget for cybersecurity only after the incident. Before the breach, there are always excuses. After the breach, suddenly security is ‘business critical.’

The report’s analysis of factors that increase or decrease breach costs is interesting but also controversial. Can we really assign exact dollar values to the impact of DevSecOps, ML security tools, or even quantum security? In some cases, it feels like marketing language. That said, the direction of the findings is correct: strong processes, modern tools, and automation do reduce costs and response times.

From my experience, the fundamentals remain timeless:

☑️ Build a layered defense strategy (defense in depth).

☑️ Prioritize basic cyber hygiene: IAM, patching, configuration management, vulnerability management, secure SDLC, monitoring, alerting, and incident response.

☑️ Embed governance and risk management: compliance programs, TPRM, policies, and well-tested procedures.

Author: Sebastian Burgemejster