TORONTO — A new report shows the global average cost of a data breach dropped for the first time in five years — but not in Canada.
The average cost of a breach between March 2024 and February 2025 was $6.4 million, down from $6.6 million a year earlier, showed research released Wednesday from technology giant IBM and the Ponemon Institute, a U.S.-based cybersecurity research centre.
While global costs are decreasing because of shorter breach life cycles, expenses related to these attacks have risen in Canada, IBM Canada’s security delivery leader Daina Proctor said.
The average cost of a Canadian breach soared 10.4 per cent to $6.98 million in the latest year studied from $6.32 million the year before.
Canada's average is higher because detection and escalation costs, which cover forensic investigators, regulatory responses, legal counsel and crisis communications, have risen, Proctor said.
Detection costs now average $470,000 in Canada, while post-breach recovery costs hover around $270,000.
At the same time, Canada is facing rising costs because of "slower adoption of AI-driven defences and governance gaps," Proctor said in an email.
In the last year, cybersecurity issues have been reported at Nova Scotia Power, the College of New Caledonia in Prince George, B.C., and PowerSchool, the maker of education software used by many Canadian schools.
Breaches can be expensive because they can be difficult to detect, and assessing and recovering from them can be tedious, time-consuming work requiring many professionals and, sometimes, interruptions for customers and workers.
Most countries have seen fees associated with a breach drop because it’s taking less time to investigate breaches.
Yet several countries including Canada bucked that trend.
IBM and Ponemon’s research showed the cost of data breaches also rose in the U.S., India, the Association of Southeast Asian Nations and Benelux — the economic union of Belgium, the Netherlands and Luxembourg.
Average breach costs in the United States reached a record US$10.22 million, an increase of nine per cent from last year.
When the research analyzed 600 organizations impacted by data breaches, it found the most expensive attacks hit the health care sector, followed by the financial, industrial and energy industries.
In many instances, hackers made use of shadow artificial intelligence — when workers use AI without employer approval or oversight.
"Shadow AI has become one of the biggest blind spots for organizations today," Proctor said. "Employees are adopting AI tools to boost their productivity, but without oversight, they are inadvertently creating vulnerabilities."
Shadow AI systems often process sensitive data and interact with external systems that companies have no control over.
"Once attackers exploit these gaps, the cascading effects can expose entire systems and supply chains to significant breaches," Proctor said.
Twenty per cent of the organizations studied said they suffered a breach due to security incidents involving shadow AI.
Global organizations with high levels of shadow AI said use of this technology added $967,011 to the average breach price tag compared to those that had low levels of shadow AI or none.
Incidents involving shadow AI also resulted in more personally identifiable information and intellectual property being compromised.
To address the risks associated with shadow AI, Proctor said companies need to give workers more approved AI tools and conduct regular audits to find gaps in their offerings and employee compliance.
This report by The Canadian Press was first published July 30, 2025.
Tara Deschamps, The Canadian Press