
Key facts.
- IBM's 2025 report: global average breach cost 4.44 million dollars; US average a record 10.22 million.source
- Shadow AI added about 670,000 dollars to average breach costs, with longer lifecycles (247 vs 241 days) and higher PII compromise (65% vs 53%).source
- 13% of organizations reported breaches of AI models or applications, and 97% of those lacked AI access controls.source
- Classic SDLC economics: a defect costs roughly 30x to 100x more after release than at design, and security defects follow the same curve.source
How do you actually make the budget case?
Put two numbers side by side. On one side, the cost of the controls: scoped permissions, an access-governance layer, runtime monitoring, and the engineering time to wire them in early. On the other, the expected cost of a breach weighted by its likelihood, using the IBM averages as your anchor and adding the shadow-AI premium if your agents touch unmanaged tools. The control side is a known, bounded number. The breach side is large, and the 97% figure tells you the likelihood isn't theoretical for teams that skip access controls.
Leadership responds to that framing because it's the same expected-value math they use everywhere else. You aren't asking for security as insurance against a vague fear. you're showing a bounded spend against a measured, dated loss.

Where does the money go furthest?
The cheapest dollar is the early one. Scoping permissions and adding monitoring while you build costs config and a logging layer. The same work after a breach is a redesign under pressure plus the breach itself. The 30x-to-100x late-fix curve isn't folklore, it's the default behavior of software cost, and security isn't exempt.
| Spend | Bounded control cost (early) | Expected breach cost (skipped) |
|---|---|---|
| Permission scoping | Config at tool wire-up | Part of 4.44M global average |
| Access governance | One governance layer | 97% of AI breaches lacked it |
| Runtime monitoring | Telemetry plus alerts | +670K shadow-AI premium, longer lifecycle |
this is where a Pattern Intelligence Layer turns into a line item leadership approves. Reliability and security at the pattern level mean the controls are bounded, reusable, and enforced on every run, so the spend is predictable and the protected surface is the whole agent, not one model. Predictable cost against a measured loss is the easiest budget conversation in security.
Frequently asked questions
what's the strongest single stat for a budget deck?
97% of organizations that suffered an AI-related breach lacked AI access controls (IBM 2025). It links a cheap control directly to the loss it prevents.
Breach costs dropped in 2025. Doesn't that weaken the case?
The drop came from faster AI-assisted containment, not from lower risk. Shadow-AI breaches still ran longer and cost more. The control case stands.
Isn't a better model cheaper than all these controls?
No. A stronger model still gets breached when defenses fall to adaptive attacks. Controls protect the pattern; the model is one swappable part of it.

