The cost of a data breach in South Africa has declined slightly to R44.1-million, according to a new research report from IBM.
The company said in a statement on Friday that despite an increase in the number of breaches recorded in South Africa, the adoption of data security, artificial intelligence and machine learning insights, and DevSecOps practices has helped lower the average cost of such incidents.
A year ago, the average cost of a data breach in South Africa was R53.1-million, according to IBM, so the latest figure represents a decline of nearly 17%. However, the average number of breached records increased to 23 445 versus 22 600 in 2024.
“In South Africa, detection and escalation remained the largest cost category at R17.5-million. This was followed by lost business cost at R13.1-million, post-breach response at R12.5-million and notification costs at just under R1-million. While total breach costs have declined, these figures underline the financial exposure South African organisations still face across the breach lifecycle,” IBM said in the statement.
Sector-specific costs remained elevated. In 2025, the financial sector experienced the highest total cost of a breach at R70.2-million, followed by hospitality at R57.5-million and services at R56.8-million.
IBM said other key findings from its 2025 report include:
- Mitigating risks of AI model attacks: To reduce the risk of attacks on AI models, organisations in South Africa are most commonly implementing access controls on AI systems (37%).
- AI governance adoption: Some 47% of surveyed organisations reported having formal AI governance policies in place, with an additional 14% starting to develop them. For those with policies in place, the most common elements include strict approval processes for AI deployments (45%), use of AI governance technology (41%) and employee training on AI risks (37%).
- AI and automation reduce average breach costs: Organisations that extensively used AI and security automation reported lower breach costs at R36.2-million – 32% lower than those that had no use of AI and security automation at R53.7-million. Those that used AI and security automation also saw a lower mean time to identify the breach and a lower mean time to contain it.
Use of shadow AI – unauthorised by the company or its IT department – increased the cost of a data breach by R2.2-million.
The most common initial causes of data breaches in 2025 were third-party vendor and supply chain compromise, which accounted for 17% of incidents and carried an average cost of R29.6-million.
Average costs
Compromised credentials, phishing and denial-of-service attacks each made up 13% of breaches, with average costs of R48-million, R50.4-million and R38.8-million, respectively.
The 2025 Cost of a Data Breach Report analysed real-world data breaches from over 600 organisations worldwide from March 2024 to February 2025, including organisations from South Africa. It was conducted by Ponemon Institute and sponsored and analysed by IBM. – © 2025 NewsCentral Media