-Content by CyberNewswire-
The 2025 State of AI Data Security Report reveals a widening contradiction in enterprise security: AI adoption is nearly universal, yet oversight remains limited. Eighty-three percent of organisations already use AI in daily operations, but only 13 percent say they have strong visibility into how these systems handle sensitive data.
Produced by Cybersecurity Insiders with research support from Cyera Research Labs, the study reflects responses from 921 cybersecurity and IT professionals across industries and organisation sizes.
The data shows AI increasingly behaving as an ungoverned identity, a non-human user that reads faster, accesses more and operates continuously. Yet most organisations still use human-centric identity models that break down at machine speed. As a result, two-thirds have caught AI tools over-accessing sensitive information, and 23 percent admit they have no controls for prompts or outputs.
Autonomous AI agents stand out as the most exposed frontier. Seventy-six percent of respondents say these agents are the hardest systems to secure, while 57 percent lack the ability to block risky AI actions in real time. Visibility remains thin: nearly half report no visibility into AI usage and another third say they have only minimal insight leaving most enterprises unsure where AI is operating or what data it touches.
More from Artificial Intelligence
- OpenAI Just Made AI Cheaper And Faster. What Does That Mean For SaaS Startups?
- Are Middle East Data Centres Still A Viable Investment?
- Move Over NVIDIA: Tesla Is Building Its Own AI Chips and Startups Should Take Notice
- Microsoft, Amazon and OpenAI Are All Launching Health AI. Where Does That Leave HealthTech Startups?
- How Has Anthropic’s Conflict With Pentagon Impacted The Wider Competition Landscape In AI?
- Anthropic Continues To Push Back Against Pentagon Over Autonomous Weapons And Mass Surveillance
- “If They Knew, They Wouldn’t Be Recording”: Meta’s Ray-Ban Smart Glasses Trigger A Major Privacy Lawsuit
- Singapore Positions Itself As A Global AI Leader Through Workforce Training
Governance structures lag behind adoption as well. Only 7 percent of organisations have a dedicated AI governance team, and just 11 percent feel prepared to meet emerging regulatory requirements, underscoring how quickly readiness gaps are widening.
The report calls for a shift toward data-centric AI oversight with continuous discovery of AI use, real-time monitoring of prompts and outputs, and identity policies that treat AI as a distinct actor with narrowly scoped access driven by data sensitivity.
“AI is no longer just another tool, it’s acting as a new identity inside the enterprise, one that never sleeps and often ignores boundaries,” said Holger Schulze with Cybersecurity Insiders. “Without visibility and robust governance, enterprises will keep finding their data in places it was never meant to be.”
As the report cautions: “You cannot secure an AI agent you do not identify, and you cannot govern what you cannot see.”
-This is a paid press release published via CyberNewswire-
