Baltimore, MD, December 2nd, 2025, CyberNewsWire
The 2025 State of AI Data Security Report reveals a widening contradiction in enterprise security: AI adoption is nearly universal, yet oversight remains limited.
Eighty-three percent of organizations already use AI in daily operations, but only 13 percent say they have strong visibility into how these systems handle sensitive data.
Produced by Cybersecurity Insiders with research support from Cyera Research Labs, the study reflects responses from 921 cybersecurity and IT professionals across industries and organization sizes.
The data shows AI increasingly behaving as an ungoverned identity — a non-human user that reads faster, accesses more, and operates continuously. Yet most organizations still use human-centric identity models that break down at machine speed.
As a result, two-thirds have caught AI tools over-accessing sensitive information, and 23 percent admit they have no controls for prompts or outputs.
Autonomous AI agents stand out as the most exposed frontier. Seventy-six percent of respondents say these agents are the hardest systems to secure, while 57 percent lack the ability to block risky AI actions in real time.
Visibility remains thin: nearly half report no visibility into AI usage and another third say they have only minimal insight — leaving most enterprises unsure where AI is operating or what data it touches.
Governance structures lag behind adoption as well. Only 7 percent of organizations have a dedicated AI governance team, and just 11 percent feel prepared to meet emerging regulatory requirements, underscoring how quickly readiness gaps are widening.
The report calls for a shift toward data-centric AI oversight with continuous discovery of AI use, real-time monitoring of prompts and outputs, and identity policies that treat AI as a distinct actor with narrowly scoped access driven by data sensitivity.
“AI is no longer just another tool — it’s acting as a new identity inside the enterprise, one that never sleeps and often ignores boundaries,” said Holger Schulze with Cybersecurity Insiders. “Without visibility and robust governance, enterprises will keep finding their data in places it was never meant to be.”
As the report cautions: “You cannot secure an AI agent you do not identify, and you cannot govern what you cannot see.”
The full 2025 State of AI Data Security Report is available for download at: https://www.cybersecurity-insiders.com/portfolio/2025-state-of-ai-data-security-report-cyera/
Media Contact: [email protected]
About Cybersecurity Insiders
Cybersecurity Insiders provides strategic insight for security leaders, grounded in more than a decade of independent research and trusted by a global community of 600,000 cybersecurity professionals.
We translate shifting market trends into clear, actionable guidance that helps CISOs strengthen their programs, make informed technology decisions, and anticipate emerging risks.
We connect practitioners and innovators by giving CISOs the clarity needed to navigate a noisy market while helping solution providers align with real-world priorities.
We drive this alignment through evidence-backed research, strategic CISO guides, independent product reviews, data-driven message validation, and peer-validated recognition through the Cybersecurity Excellence Awards and AI Leader Awards.
More: https://cybersecurity-insiders.com
Contact
Founder
Holger Schulze
Cybersecurity Insiders
[email protected]