New research finds 83% of enterprises use AI, but only 13% have strong visibility into how it touches their data
Cyera, the fastest growing data security company, announced the launch of Cyera Research Labs, the company’s dedicated research arm focused on delivering clear, data-driven guidance at the intersection of AI and data security. The launch comes alongside the release of Cyera’s first flagship study, the 2025 State of AI Data Security Report, conducted in partnership with CyberSecurity Insiders.
Based on a survey of more than 900 IT and security leaders, the report highlights a widening readiness gap: while 83% of enterprises are already using AI, only 13% report strong visibility into how AI interacts with sensitive data.
Key Findings from the 2025 State of AI Data Security Report
- Autonomous agents drive risk: Three-quarters of respondents (76%) say autonomous AI agents are the hardest to secure; only 9% monitor AI activity in real time.
- AI as identity remains underdeveloped: Only 16% of organizations treat AI as its own identity class with dedicated policies, while a quarter of respondents (21%) grant broad data access to AI by default.
- Controls trail incidents: Two-thirds of respondents (66%) have already caught AI over-accessing sensitive data, but only 11% can automatically block risky activity.
- Governance is immature: Only 7% of respondents have a dedicated AI governance committee, and one in ten (11%) actually feel prepared for emerging regulation.
One survey participant captured the emerging reality when describing how the first alert didn’t come from a SIEM, but from a sales manager who questioned why an AI copilot could “magically” find a sensitive pricing deck. No exploit or zero-day, just default access, missing guardrails, and no monitoring at the prompt layer.
“These findings confirm what we’ve been hearing in the field from CISOs, CDOs, and other security professionals: AI adoption is outpacing governance, visibility, and controls,” said Shiran Bareli, VP of Research at Cyera. “Too often, the discussion centers on the power of AI and the benefits it brings to the organization without equal focus on the data it consumes and exposes. With Cyera Research Labs, we want to bring data to the forefront of these conversations and highlight the pressing challenges security teams are grappling with every day.”
The 2025 State of AI Data Security Report provides the first cross-industry baseline for AI governance, aligned to the OWASP Top 10 for LLM Applications, and covers adoption, visibility, monitoring, controls, access models, and governance readiness. The report also provides takeaways for security and data leaders, highlighting a pragmatic path forward to better implement an AI security program.
Catch more CIO Insights: CIOs and the Inferencing Economy: Planning for a Future Where AI is Always On
[To share your insights with us, please write to psen@itechseries.com ]
