AI Oversight Emerges as Essential for Insurance Companies
The 2025 IBM Cost of a Data Breach Report, published on Friday, underscores the urgent need for businesses to prioritise AI governance within their cyber risk frameworks. The report reveals that the cost of data breaches has declined for the first time in 5 years to an average USD 4.44m, but the implications for AI governance are critical as AI adoption outpaces AI security and governance, creating significant vulnerabilities that threat actors exploit.
According to the report, only 34% of data breached firms audit for unsanctioned AI use, and 63% of these firms globally have no AI governance policy in place. This lack of oversight increases the likelihood of breaches and the associated financial and operational costs, including compromised sensitive data and business disruption.
The report recommends several best practices for AI governance. These include implementing strong AI governance policies, establishing basic access controls, treating AI security as foundational to business operations, leveraging AI and automation within security operations, and addressing the risks of shadow AI.
Implementing strong AI governance policies is crucial to managing AI use and preventing risks from shadow AI, unauthorized AI tools used without security oversight. The report found that the absence of these policies correlates with higher breach rates and costs. Establishing basic access controls for AI systems is also essential to protect sensitive data and AI models from manipulation. The report found that 97% of organizations experiencing AI-related breaches had no proper AI access controls in place.
Treating AI security as foundational to business operations means integrating AI governance with overall security and cyber risk frameworks, not as an afterthought or separate silo. Leveraging AI and automation within security operations can detect, contain, and respond to breaches more quickly, saving an average of $1.9 million in breach costs and reducing the breach lifecycle by about 80 days. Addressing the risks of shadow AI is also vital to reduce hidden vulnerabilities within the organization.
The report emphasizes that neglecting AI governance not only has financial impacts but also risks loss of trust, transparency, and operational control. Given this year’s findings, AI governance should be embedded firmly within cyber risk frameworks to mitigate evolving security risks associated with rapid AI adoption.
In Canada, Consilium has partnered with CAMGA as a Gold sponsor, and this partnership is expected to benefit CAMGA’s members. The report also highlights an escalating AI arms race with AI used both as a weapon and a shield in cyber warfare. Volatile tariffs and trade wars have moved into the top rank of emerging risks for the second quarter of 2025, and these disruptions can affect risk pricing in real time.
Interestingly, customer Personal Identification data was the most frequently compromised data in data breaches (65%), while Intellectual Property data was the costliest at USD 178 per record. The average cost of data breaches has hit a record high of $4.88 million in the IBM 2024 Cost of a Data Breach report, an increase of 10% from 2023.
In conclusion, businesses should adopt a governance framework for AI that includes policy establishment, strict access controls, oversight of AI use (including shadow AI), and integration with broader cybersecurity practices to reduce breach likelihood and costs while maximizing the defensive benefits of AI.
Read also:
- Musk announces intention to sue Apple for overlooking X and Grok in the top app listings
- Innovative Company ILiAD Technologies Introduces ILiAD+: Boosting Direct Lithium Extraction Technology's Efficiency Substantially
- Nuclear Ambitions at a U.S. Airport Spark Controversy, With Opposition Swelling
- Haval H6 Hybrid Analysis: Delving into Engine Performance and Fuel Efficiency
