Akamai API Security Survey: AI-related API incidents top the list, costing Japanese companies approximately 246 million JPY per incident

Akamai has revealed new survey findings on how API security is impacted by the rise of AI adoption in the Asia-Pacific region. The Akamai API Security Impact Survey (APAC edition) found that 81% of APAC respondents experienced security incidents related to APIs in the past 12 months. Financial losses are also notable, with the average estimated cost per incident surging beyond 1 million USD (approximately 155 million JPY), significantly higher than the 580,000 USD reported in last year's survey. As AI changes the methods and scale of attacks, expanding blind spots are becoming increasingly clear.

The survey covered 640 cybersecurity decision-makers in China, India, Japan, and Singapore. 43% of respondents identified API attacks related to AI technologies—including applications, agents, and Large Language Models (LLMs)—as the most common type of incident. The findings also point to a lack of continuous visibility: only 22% of respondents claimed to have full insight into their APIs and an understanding of which APIs return sensitive information.

These results indicate an widening gap between the ambition for digitalization and security readiness. As companies rapidly deploy AI-enabled services, monitoring, managing, and protecting APIs has become more difficult, increasing risks such as service disruption, data leaks, and higher operating costs.

Reuben Koh, Director of Security Technology & Strategy for Akamai Technologies in the Asia-Pacific and Japan region, stated: "While organizations in APAC are rapidly expanding their AI utilization, the security foundations supporting this growth often lack the necessary robustness. Because APIs and AI work in tandem, enterprises must treat API security as a core element when building genuinely trustworthy AI systems."

Key highlights from the APAC survey:
- AI-related API attacks are the most common in APAC: 43% of respondents reported experiencing attacks on APIs related to AI technologies, apps, agents, or LLMs in the past year.
- India and Singapore reported the highest frequency of incidents: 93% of companies in India and 90% in Singapore experienced API security incidents in the past year.
- Japan recorded the highest average cost per incident: The average cost of API security incidents reached 1.59 million USD (approximately 246 million JPY) in Japan, compared to 1.33 million USD in Singapore.
- Security maturity remains uneven: While 72% of respondents stated they increased focus on API security compared to the previous year, only 19% reported having security testing fully integrated across the entire API software development lifecycle and CI/CD pipeline.

Across the four markets surveyed, companies are generally increasing focus on API security, clarifying ownership, and strengthening testing. However, as AI transitions from experimentation to scaling, the reality is that the benefits gained have not yet been translated into consistent protection.