Full Report
Generative AI (GenAI) has quickly become core to enterprise environments, but with its growing adoption comes significant security concerns. A recent report highlights a 30-fold increase in the volume of data, including sensitive corporate information, being fed into GenAI applications over the past year. The findings highlight the urgent need for businesses to reevaluate their security strategies as AI-driven tools become embedded in daily workflows.

The report reveals that enterprise users are increasingly sharing sensitive data such as source code, regulated information, passwords, and intellectual property with GenAI applications. Adding to the challenge, 72% of enterprise users access GenAI apps using personal accounts rather than company-managed platforms. This growing trend of "shadow AI" (akin to the earlier shadow IT phenomenon) poses a major governance issue for security teams. Without proper oversight, businesses lack visibility into what data is being shared and where it is going, creating potential entry points for cyber threats.

## The Scope of AI Integration in Enterprises

The report provides a comprehensive analysis of AI usage in the workplace, showing that 90% of organizations have adopted dedicated GenAI applications, while an even higher 98% are using software that integrates AI-powered features. Though only 4.9% of employees use standalone AI apps, a staggering 75% interact with AI-powered features in other enterprise tools.

Security teams now face a new and evolving challenge: the unintentional insider threat. Employees may not realize the risks of sharing proprietary information with AI-driven platforms, making it essential for organizations to enforce strict data security measures.

## Shadow AI and Its Implications

One of the report’s key findings is that shadow AI has become the primary shadow IT concern for organizations. When employees use personal accounts to interact with AI models, businesses have little to no control over how their data is being processed, stored, or leveraged by third-party providers. The unregulated use of AI tools leaves companies vulnerable to data exfiltration and regulatory non-compliance.

Organizations are increasingly adopting strict policies to mitigate these risks, with many choosing to block unapproved AI applications altogether. Security teams are also implementing Data Loss Prevention (DLP) solutions, real-time user coaching, and access controls to limit the risk of exposure.

## How Data is Being Exposed to AI

The report identifies two main ways sensitive enterprise data is making its way into GenAI applications:

- **Summarization Requests:** Employees rely on AI tools to condense large documents, datasets, and source code. This increases the likelihood of exposing proprietary information to external AI systems.
- **Content Generation:** AI-powered applications are commonly used to generate text, images, videos, and code. When users input confidential data into these tools, they risk exposing sensitive details that could be used to train external models, leading to unintended data leaks.

## The Challenge of Early AI Adoption

The rapid proliferation of AI apps has created an unpredictable security landscape. The report finds that early adopters of new AI tools are present in nearly every enterprise, with 91% of organizations containing users who experiment with newly released GenAI applications. This poses a security risk, as employees may unknowingly share proprietary data with unvetted platforms.

To contend with this issue, many businesses are taking a "block first, ask questions later" approach. Instead of trying to keep pace with the constant influx of new AI tools, they opt to preemptively block all unapproved applications while allowing only a vetted selection of AI services. This proactive approach minimizes the risk of sensitive data exposure and allows security teams to conduct proper evaluations before approving new tools.

## The Shift to Local AI Infrastructure

A notable trend highlighted in the report is the increasing deployment of GenAI infrastructure within enterprises. Over the past year, the number of organizations running AI models locally has jumped from less than 1% to 54%. While this shift helps reduce reliance on third-party cloud providers and mitigates some external data leakage risks, it introduces new challenges.

Local AI deployments come with their own security concerns, including supply chain vulnerabilities, data leakage, improper data output handling, and risks related to prompt injection attacks. To address these issues, organizations must strengthen their security posture by implementing best practices outlined in frameworks such as:

- The OWASP Top 10 for Large Language Model Applications
- The National Institute of Standards and Technology (NIST) AI Risk Management Framework
- The MITRE ATLAS framework for AI threat assessment

## A CISO’s Perspective on AI Security

As AI-driven cyber threats evolve, Chief Information Security Officers (CISOs) are increasingly looking to existing security tools to help mitigate risks. Nearly all enterprises are now implementing policies to control AI tool access, limiting what data can be shared and which users can interact with specific AI applications.

The report suggests that organizations should take the following tactical steps to strengthen their AI security strategies:

- **Assess AI Usage:** Identify which GenAI apps and infrastructure are in use, who is using them, and how they are being utilized.
- **Implement Strong AI Controls:** Regularly review security policies, block unauthorized apps, enforce DLP measures, and provide real-time user guidance to minimize risk.
- **Strengthen Local AI Security:** Ensure that any on-premise AI deployments align with industry security frameworks to prevent data leaks and cyber threats.

While AI offers immense benefits in productivity and efficiency, it also presents new challenges that organizations must address. The findings of this report reinforce the importance of security policies, continuous monitoring, and proactive risk mitigation strategies to safeguard sensitive enterprise data in an AI-powered world.
Analysis Summary
# Main Topic
The rapid adoption of Generative AI (GenAI) in enterprise environments is leading to significant security risks, primarily driven by the massive increase in sensitive corporate data being fed into these applications, often through unmanaged "Shadow AI" usage.
## Key Points
- **Data Exposure Spike:** A 30-fold increase in the volume of corporate data fed into GenAI applications over the past year, including source code, regulated information, passwords, and intellectual property.
- **Shadow AI Dominance:** 72% of enterprise users access GenAI apps using personal accounts instead of company-managed platforms, creating a major corporate governance issue due to lack of visibility.
- **Pervasive Integration:** 90% of organizations have adopted dedicated GenAI applications, and 98% use software integrating AI-powered features. 75% of employees interact with AI features within existing enterprise tools.
- **Unintentional Insider Threat:** Employees risk exposing proprietary information without realizing the security implications of sharing data with AI platforms used for summarization or content generation.
- **Local AI Shift:** Usage of locally deployed GenAI infrastructure has surged from less than 1% to 54% in the past year, mitigating some third-party risks but introducing new internal concerns (supply chain vulnerabilities, prompt injection).
## Threat Actors
- **Implicit Threat:** The primary risk comes from the "unintentional insider threat"—employees leveraging GenAI tools without proper vetting or oversight.
- *(No specific external threat actor groups or APTs were detailed in relation to data exfiltration through GenAI in this context.)*
## TTPs
- **Data Input for Summarization:** Employees inputting large documents, datasets, and source code into AI models for condensation.
- **Data Input for Content Generation:** Feeding confidential details into AI tools to generate text, images, video, or code, risking training external models on sensitive data.
- **Shadow AI:** Accessing and utilizing unapproved GenAI applications using personal credentials.
- **Local Deployment Risks:** Potential reliance on supply chain components, poor handling of local data output, and vulnerability to prompt injection attacks in on-premise AI infrastructure.
## Affected Systems
- **Enterprise Data:** Sensitive corporate information, including source code, regulated information, passwords, and intellectual property.
- **AI Infrastructure:** Both external, third-party GenAI applications and newly deployed local/on-premise AI models (54% of organizations running local AI).
- **Enterprise Tools:** Software integrating AI-powered features (used by 98% of organizations).
## Mitigations
- **Policy Implementation:** Enforcing strict policies to control AI tool access, limiting data sharing, and restricting user interaction with specific AI applications.
- **Blocking Unapproved Apps:** Adopting a "block first" strategy against unvetted external AI applications.
- **Security Tool Implementation:** Deploying Data Loss Prevention (DLP) solutions and access controls.
- **User Guidance:** Providing real-time user coaching regarding data risks.
- **Local AI Hardening:** Aligning on-premise AI deployments with established security frameworks:
  - OWASP Top 10 for Large Language Model Applications
  - NIST AI Risk Management Framework
  - MITRE ATLAS framework
- **Assessment:** Conducting thorough assessments of existing AI usage (which apps, who, and how they are utilized).
## Conclusion
The integration of GenAI presents an evolving security challenge centered on data governance and the rise of shadow AI. Organizations must move proactively by assessing usage, strictly controlling access via DLP and policy enforcement, and ensuring that both cloud and newly emerging local AI infrastructure adhere to modern security standards to prevent unintentional data leakage and regulatory non-compliance.
# Morning News Roll-up March 26, 2025
## Overview
The primary focus today is on the escalating security risks associated with enterprise Generative AI adoption, specifically the exponential growth of sensitive data exposure and the challenges posed by "Shadow AI." Other top stories include a major DeFi hack, cyberattacks in Malaysia, and new enforcement actions regarding cybersecurity in Hong Kong.
## Top Stories
### AI-Powered Productivity or Security Nightmare? The Risks of Enterprise AI
- Summary: Highlights a 30-fold increase in sensitive data being fed into GenAI apps, driven by 72% of users accessing these tools via personal accounts (Shadow AI). Details how employees expose proprietary data via summarization and content generation requests, and notes the trend toward addressing these risks by adopting frameworks like the OWASP LLM Top 10.
- Source: hxxps://thecyberexpress[.]com/ai-powered-productivity-or-security-nightmare/
### Abracadabra Cyberattack: How Hackers Drained $13M from DeFi Platform
- Summary: Reports on a significant financial cyberattack where hackers successfully drained $13 million from the Abracadabra decentralized finance (DeFi) platform.
- Source: hxxps://thecyberexpress[.]com/abracadabra-cyberattack/
### Malaysia Braces for Cyberattacks During Hari Raya: Cyber999 Issues Warning
- Summary: Alerts indicate that Malaysia is preparing for an expected rise in cyberattacks coinciding with the Hari Raya holiday, prompting a warning from Cyber999.
- Source: hxxps://thecyberexpress[.]com/cyber-threats-in-malaysia-ahead-of-hari-raya/