- Mitigating risks of AI model attacks: To reduce the risk of attacks on AI models, organisations in South Africa are most commonly implementing access controls on AI systems 37.
- AI governance adoption: Some 47 of surveyed organisations reported having formal AI governance policies in place, with an additional 14 starting to develop them. For those with policies in place, the most common elements include strict approval processes for AI deployments 45, use of AI governance technology 41 and employee training on AI risks 37.
- AI and automation reduce average breach costs: Organisations that extensively used AI and security automation reported lower breach costs at R36.2-million - 32 lower than those that had no use of AI and security automation at R53.7-million. Those that used AI and security automation also saw a lower mean time to identify the breach and a lower mean time to contain it.
Use of shadow AI - unauthorised by the company or its IT department - increased the cost of a data breach by R2.2-million.
The most common initial causes of data breaches in 2025 were third-party vendor and supply chain compromise, which accounted for 17 of incidents and carried an average cost of R29.6-million.
Average costsCompromised credentials, phishing and denial-of-service attacks each made up 13 of breaches, with average costs of R48-million, R50.4-million and R 38.8-million, respectively.
The 2025 Cost of a Data Breach Report analysed real-world data breaches from over 600 organisations worldwide from March 2024 to February 2025, including organisations from South Africa. It was conducted by Ponemon Institute and sponsored and analysed by IBM. - 2025 NewsCentral Media
Get breaking news from TechCentral on WhatsApp. Sign up here .