Shadow AI, supply chains are the favorite attack vectors

The report finds that 60% of AI-related security incidents resulted in compromised data, while 31% caused disruptions to an organization’s daily operations. Customers’ personally identifiable information (PII) was compromised in 65% of shadow AI incidents. That’s significantly higher than the 53% global average. One of AI security’s greatest weaknesses is governance, with 63% of breached organizations either lacking AI governance policies or are still developing them.

“Shadow AI is like doping in the Tour de France; people want an edge without realizing the long-term consequences,” Itamar Golan, CEO of Prompt Security, told VentureBeat. His company has cataloged over 12,000 AI apps and detects 50 new ones daily.

VentureBeat continues to see adversaries’ tradecraft outpace current defenses against software and model supply chain attacks. It’s not surprising that the report found that supply chains are the primary attack vector for AI security incidents, with 30% involving compromised apps, APIs, or plug-ins. As the report states: “Supply chain compromise was the most common cause of AI security incidents. Security incidents involving AI models and applications were varied, but one type clearly claimed the top ranking: supply chain compromise (30%), which includes compromised apps, APIs and plug-ins.”

Weaponized AI is proliferating  

Every form of weaponized AI, including LLMs designed to improve tradecraft, continues to accelerate. Sixteen percent of breaches now involve attackers using AI, primarily for AI-generated phishing (37%) and deepfake attacks (35%). Models, including FraudGPT, GhostGPT and DarkGPT, retail for as little as $75 a month and are purpose-built for attack strategies such as phishing, exploit generation, code obfuscation, vulnerability scanning and credit card validation.

The more fine-tuned a given LLM is, the greater the probability it can be directed to produce harmful outputs. Cisco’s The State of AI Security Report reports that fine-tuned LLMs are 22 times more likely to produce harmful outputs than base models. 

“Adversaries are not just using AI to automate attacks, they’re using it to blend into normal network traffic, making them harder to detect,” Etay Maor, Chief Security Strategist at Cato Networks, recently told VentureBeat. “The real challenge is that AI-powered attacks are not a single event; they’re a continuous process of reconnaissance, evasion, and adaptation.”

As Shlomo Kramer, CEO of Cato Networks, warned in a recent VentureBeat interview: “There is a short window where companies can avoid being caught with fragmented architectures. The attackers are moving faster than integration teams.”

Governance one of the weaknesses adversaries exploit

Among the 37% of organizations claiming to have AI governance policies, only 34% perform regular audits for unsanctioned AI. Just 22% conduct adversarial testing on their AI models. DevSecOps emerged as the top factor reducing breach costs, saving organizations $227,192 on average.

The report’s findings reflect how relegating governance as a lower priority impacts long-term security. “A majority of breached organizations (63%) either don’t have an AI governance policy or are still developing one. Even when they have a policy, less than half have an approval process for AI deployments, and 62% lack proper access controls on AI systems.”

Most organizations lack essential governance to reduce AI-related risks, with 87% acknowledging the absence of policies or processes. Nearly two-thirds of breached companies fail to audit their AI models regularly, and over three-quarters do not conduct adversarial testing, leaving critical vulnerabilities exposed.

This pattern of delayed response to known vulnerabilities extends beyond AI governance to fundamental security practices. Chris Goettl, VP Product Management for Endpoint Security at Ivanti, emphasizes the shift in perspective: “What we currently call ‘patch management’ should more aptly be named exposure management—or how long is your organization willing to be exposed to a specific vulnerability?”

The $1.9M AI dividend: Why smart security pays off

Despite the proliferating nature of weaponized AI, the report offers hope for battling adversaries’ growing tradecraft. Organizations that go all-in using AI and automation are saving $1.9 million per breach and resolving incidents 80 days faster. According to the report: “Security teams using AI and automation extensively shortened their breach times by 80 days and lowered their average breach costs by USD 1.9 million compared to organizations that didn’t use these solutions.”

It’s striking how broad the contrast is. AI-powered organizations spend $3.62 million on breaches, compared to $5.52 million for those without AI, resulting in a 52% cost differential. These teams identify breaches in 153 days, compared to 212 days for traditional approaches, and then contain them in 51 days, versus 72 days.

“AI tools excel at rapidly analyzing massive data across logs, endpoints and network traffic, spotting subtle patterns early,” noted Vineet Arora, CTO at WinWire. This capability transforms security economics: while the global average breach cost sits at $4.44 million, extensive AI users operate 18% below that benchmark.

Yet adoption continues to struggle. Only 32% use AI security extensively, 40% deploy it in a limited manner, and 28% use it in no capacity. Mature organizations distribute AI evenly across the security lifecycle, most often following the following distribution: 30% prevention, 29% detection, 26% investigation and 27% response.

Daren Goeson, SVP Product Management at Ivanti, reinforces this: “AI-powered endpoint security tools can analyze vast amounts of data to detect anomalies and predict potential threats faster and more accurately than any human analyst.”

Security teams aren’t lagging; however, 77% match or exceed their company’s overall AI adoption. Among those investing post-breach, 45% choose AI-driven solutions, with a focus on threat detection (36%), incident response planning (35%) and data security tools (31%).

The DevSecOps factor amplifies benefits further, saving an additional $227,192, making it the top cost-reducing practice. Combined with AI’s impact, organizations can cut breach costs by over $2 million, transforming security from a cost center to a competitive differentiator.

Why U.S. cybersecurity costs hit record highs while the rest of the world saves millions

The cybersecurity landscape revealed a striking paradox in 2024: as global breach costs dropped to $4.44 million, their first decline in five years. U.S. organizations watched their exposure skyrocket to an unprecedented $10.22 million per incident. This divergence signals a fundamental shift in how cyber risks are materializing across geographic boundaries. Healthcare organizations continue to bear the heaviest burden, with an average cost of $7.42 million per breach, and resolution timelines stretching to 279 days —a full five weeks longer than what their peers in other industries experience.

The operational toll proves equally severe: 86% of breached organizations report significant business disruption, with three-quarters requiring more than 100 days to restore normal operations. Perhaps most concerning for security leaders is the emergence of investment fatigue. Post-breach security spending commitments have plummeted from 63% to just 49% year-over-year, suggesting organizations are questioning the ROI of reactive security investments. Among those achieving full recovery, only 2% managed to restore their operational status within 50 days, while 26% required more than 150 days to regain operational footing. These metrics underscore a harsh reality: while global organizations are improving their ability to contain breach costs, U.S. enterprises face an escalating crisis that traditional security spending alone cannot resolve. The widening gap demands a fundamental rethinking of cyber resilience strategies, particularly for healthcare providers operating at the intersection of maximum risk and extended recovery timelines.

IBM’s report underscores why governance is so critical

“Gen AI has lowered the barrier to entry for cybercriminals. … Even low‑sophistication attackers can leverage GenAI to write phishing scripts, analyze vulnerabilities, and launch attacks with minimal effort,” notes CrowdStrike CEO and founder George Kurtz.

Mike Riemer, Field CISO at Ivanti, offers hope: “For years, attackers have been utilizing AI to their advantage. However, 2025 will mark a turning point as defenders begin to harness the full potential of AI for cybersecurity purposes.”

IBM’s report provides insights organizations can use to act immediately:

1. Implement AI governance now – With only 45% having approval processes for AI deployments
2. Gain visibility into shadow AI – Regular audits are essential when 20% suffer breaches from unauthorized AI
3. Accelerate security AI adoption – The $1.9 million savings justify aggressive deployment

As the report concludes: “Organizations must ensure chief information security officers (CISOs), chief revenue officers (CROs) and chief compliances officers (CCOs) and their teams collaborate regularly. Investing in integrated security and governance software and processes to bring these cross-functional stakeholders together can help organizations automatically discover and govern shadow AI.”

As attackers weaponize AI and employees create shadow tools for productivity, the organizations that survive will embrace AI’s benefits while rigorously managing its risks. In this new landscape, where machines battle machines at speeds humans can’t match, governance isn’t just about compliance; it’s about survival.