South African organisations saw the average cost of a data breach drop to R44.1 million ($2.45M) in 2025, down 17% from R53.1 million ($2.95M) in 2024, according to IBM’s latest Cost of a Data Breach Report. This marks the first year in five that both local and global breach costs declined, with AI, machine learning, and automation credited for faster detection and containment.
Key findings for South Africa:
- Main cost drivers: Detection and escalation (R17.5M), lost business (R13.1M), post-breach response (R12.54M), and notification (R950K).
- Worst-hit sectors: Financial services (R70.2M), hospitality (R57.5M), and services (R56.76M).
- Top breach causes: Third-party and supply chain compromises (17%), compromised credentials (13%), phishing (13%), and denial-of-service (13%).
- AI advantage: Firms extensively using AI and security automation reported 32% lower breach costs and reduced time to detect and contain threats.
IBM cautioned that attackers are also using generative AI for phishing (37%) and deepfake impersonation (35%), which increases the need for AI governance policies. Currently, 47% of South African organisations have formal AI governance in place, with another 14% developing frameworks.
IBM South Africa GM Ria Pinto said the drop in costs is proof that AI-enabled cyber defence works, but warned that investment in skills, governance, and responsible AI use must continue to counter evolving threats.





