Recent IBM research finds an “AI oversight gap” among organizations that had experienced data breaches. “Consider this: a staggering 97% of breached organizations that experienced an AI-related security incident say they lacked proper AI access controls,” the company said in promoting findings from its Cost of a Data Breach Report. In addition, 63% of the surveyed organizations said they had no AI governance policies in place to manage AI or keep workers from using “shadow AI,” IBM said. “This AI oversight gap is carrying heavy financial and operational costs,” the company’s announcement added. “The report shows that having a high level of shadow AI—where workers download or use unapproved internet-based AI tools—added an extra $670,000 to the global average breach cost.” In addition, AI-related breaches carried a ripple effect, leading to “broad data compromise and operational disruption,” which can keep organizations from processing sales orders, delivering customer service and managing supply chains. The report also contains some positive news: average global data breach costs have declined for the first time in five years, from $4.88 million to $4.44 million, a 9% decrease. Faster breach containment driven by AI-powered defenses,” the company said, with organizations able to identify and contain a breach within a mean time of 241 days, the lowest that figure has been in nine years.