
The Ottawa-IBM Cyber Range at the University of Ottawa is pictured on Wednesday. (Photo: The Canadian Press/Justin Tang)
A fresh report from IBM and the Ponemon Institute reveals that while much of the world is seeing data breach costs fall, Canada is moving in the opposite direction. The global average cost of a data breach dropped to $6.4 million between March 2024 and February 2025, a small but notable dip from $6.6 million the year before. However, in Canada, that number climbed sharply.
Canadian organizations are now paying an average of $6.98 million per breach, a jump of over 10% from the previous year's $6.32 million. According to Daina Proctor, IBM Canada’s security delivery leader, this increase is driven largely by higher costs for detecting and managing breaches.
In Canada, identifying a breach and responding to it — including hiring forensic investigators, legal experts, regulatory compliance teams, and crisis communication professionals — costs an average of $470,000. That’s just the start. Post-breach recovery adds another $270,000 to the bill.
One of the major factors pushing these costs higher is Canada’s slower adoption of AI-powered cybersecurity tools. Without advanced automated systems, Canadian companies often take longer to detect and contain threats. That delay adds to the damage and increases the recovery workload.
Meanwhile, recent cybersecurity incidents across Canada, such as breaches at Nova Scotia Power, PowerSchool, and the College of New Caledonia, highlight how widespread and frequent these issues are becoming.
While most countries are improving their response time and seeing cost reductions, Canada isn't alone in its struggle. The United States, India, nations in the Association of Southeast Asian Nations, and the Benelux region (Belgium, the Netherlands, and Luxembourg) have all seen data breach costs rise.
In the U.S., for example, the average cost of a data breach has soared to an all-time high of $10.22 million. The costliest breaches tend to hit health care providers, followed closely by companies in finance, manufacturing, and energy.
One rising threat contributing to this trend is “shadow AI.” This term refers to artificial intelligence tools used by employees without their employer’s knowledge or approval. While these tools might help with productivity, they often access sensitive information or interact with external platforms beyond the company’s control.
Proctor warns that shadow AI has become one of the most dangerous blind spots in corporate security. When these unsanctioned tools are exploited by hackers, they can lead to massive data leaks — putting entire systems and supply chains at risk.
About 20% of companies in the study reported that shadow AI was the cause of at least one breach. Those organizations also reported higher breach costs, with shadow AI adding nearly $1 million more to their damage bills.
To fight back, IBM recommends companies offer secure and approved AI alternatives to employees. Regular audits and compliance checks can also help identify risky behaviour before it leads to a full-blown crisis.

