Kroll survey: 76% of companies have suffered an AI-related security incident
What Happened
Kroll's global cyber resilience research, released April 21 with Sapio Research, surveyed 1,000 cybersecurity decision-makers at firms with $50M to $5B+ in revenue across ten countries. 76% reported an AI-related security incident in the prior two years. 27% incurred costs over $1 million per incident. 89% of organizations with low cyber maturity reported incidents, versus 54% of high-maturity firms.
My Take
The 76% number is being pitched as a wake-up call. It is the new floor instead. AI security incidents are becoming as routine as phishing, and CISOs are moving past prevention toward containment and recovery. The gap between mature and immature programs is striking — it suggests the discipline can be learned, not that the threat is unknowable. Prediction: AI-incident response becomes a separately purchased line item in cyber insurance policies before year-end, distinct from breach coverage.
Read Original Source