Our Terms & Conditions | Our Privacy Policy
- Primary culprits were phishing (18% of incidents), supply chain and vendor compromises (17%), and vulnerability exploitation (13%).
The average cost for organisations suffering data breaches in India surged to an all-time high of Rs220 million (Rs22 crore) in 2025, marking a 13 per cent year-on-year rise, according to fresh findings released by IBM.
The uptick reflects both a growing threat landscape and a wider range of digital vulnerabilities as companies race to embrace new technologies.
One encouraging trend emerges: Indian organisations are detecting and containing breaches more quickly. The average time to identify and contain a breach dropped to 263 days—15 days fewer than last year. Analysts point to swifter incident response investments and sharper cyber threat awareness across sectors as key drivers behind this progress.
Yet, as artificial intelligence powers transformation across industries, security and governance are struggling to keep up. Only 37 per cent of Indian enterprises surveyed had rolled out AI-based access controls, while nearly 60 per cent admitted lacking comprehensive AI governance policies or said their policies were still a work in progress.
A strategic liability
Even among organisations with AI governance in place, adoption of automated governance tools lagged, with just a third making use of this tech.
The primary culprits behind data breaches in India this year were phishing (18 per cent of incidents), supply chain and vendor compromises (17 per cent), and vulnerability exploitation (13 per cent).
IBM’s researchers flagged that global excitement to harness AI is overshadowing investments in security and governance—leaving unregulated systems far more exposed to breaches and costlier clean-ups when attacks occur.
Research sector suffers the steepest
Viswanath Ramaswamy, Vice President for Technology at IBM India & South Asia, underscored the urgency: “India’s rapid adoption of AI promises major gains, but it also raises the stakes around cyber risk. Failing to put proper controls and governance in place isn’t just an IT flaw—it’s a strategic liability. CISOs must weave trust and transparency into AI deployment from the start.”
A fast-growing risk area: shadow AI—the use of unsanctioned AI apps bypassing IT oversight. Shadow AI emerged as one of the three costliest sources of breaches, bumping up damages by Rs17.9 million per incident. Only 42 per cent of Indian organisations said they had policies designed to catch shadow AI and its risks.
The research sector suffered the steepest average breach costs, at Rs289 million, closely trailed by the transportation industry (Rs288 million) and the industrial sector (Rs264 million). As India’s data economy expands and digital platforms embed themselves ever deeper into essential services, the price of lacking AI security and governance will only climb higher.
Images are for reference only.Images and contents gathered automatic from google or 3rd party sources.All rights on the images and contents are with their legal original owners.
Aggregated From –
Comments are closed.