Report by Netskope
Cloud and Threat Report: 2025
Key Findings
Industries with the lowest AI adoption rates that will see increases next year include banking, state governments, local governments, and education. Even in these industries, adoption is already high, at or above 85%.
DLP adoption varies widely by industry, with the telecommunications sector leading all others at 64% DLP adoption for genAI.
At the current trajectory, 96% of organizations will be using genAI apps by the end of 2025.
The top 25% of organizations had at least 21% of their people using genAI apps, while the bottom 1% had just 1.7%.
Other types of data involved in policy violations include: intellectual property (16%), source code (13%), passwords and keys (11%), and encrypted data (1%).
The top 10 most blocked AI apps are: QuillBot (33%), Beautiful.ai (31%), AiCHatting (30%), Pixlr (28%), Tactiq (27%), Writesonic (27%), DeepAI (24%), ElevenLabs (24%), Craiyon (24%), and Poe AI (23%).
Real-time, interactive user coaching is used in 34% of organizations to control genAI data risk by empowering individuals to make informed decisions about AI risk in real time.
The top apps for upstream activities to personal apps are Google Drive (95%), OneDrive (92%), LinkedIn (91%), Facebook (90%), Google Calendar (89%), Gmail (88%), ChatGPT (86%), Twitter/X (86%), Outlook.com (82%), and Google Gemini (78%).
In 2024, downloads of malicious content from popular cloud apps occurred in 88% of organisations at least once per month.
73% of organisations block at least one GenAI app, with a steady rate of 2.4 GenAI apps blocked on average year over year.
The top phishing targets by links clicked are cloud services (27%), banking (17%), telecommunications (13%), social media (11%), and government (10%).
The top 25% of retail organizations had at least 34% of people using genAI apps, while the top 25% in technology led all other industries with at least 41% of people using genAI apps. At the other end of the spectrum, banking trailed with only 3% of users in the average organization using genAI.
While 94% of organizations are using genAI apps, more than 99% of organizations have controls in place to mitigate the risks that genAI apps pose.
1.4 out of every 100 people encountered malicious content on the web or in the cloud each month during 2024. The most common types of content encountered were JavaScript-based Trojans.
The percentage of data policy violations in organizations is as follows: Source Code (40%), Regulated Data (32%), Intellectual Property (15%), and Passwords and Keys (13%).
Users leaking sensitive data through personal apps is top of mind for most organizations, with 66% of organizations using DLP to restrict data flow into personal apps.
7.8% of people in an organization use genAI apps on average, triple the average of 2.6% at the end of 2023.
Among the top web and cloud categories referring users to phishing pages, search engines account for 19%, followed by shopping (10%), technology (8.8%), business (7.4%), and entertainment (5.7%).
Organizations with the highest average user counts include the retail and technology sectors, averaging more than 13% of their people using genAI apps.
More than one out of every four users (26%) uploaded, posted, or otherwise sent data to personal apps.
The number of apps blocked by the top 25% of all organizations blocking genAI apps has more than doubled from 6.3 apps to 14.6 over the past year.
The percentage of data policy violations in organizations due to personal AI app usage is as follows: Regulated Data (60%), Intellectual Property (16%), Source Code (13%), Passwords and Keys (11%), and Encrypted Data (1%).
Organizations use an average of 9.6 genAI apps, up from 7.6 one year ago.
Enterprise users clicked on phishing lures at a rate nearly three times higher in 2024 compared to 2023.
More than eight out of every 1,000 users clicked on a phishing link each month, up 190% from last year.
Cloud applications were the top target for phishing campaigns, representing more than a quarter of all phishing clicks at 27%.
Malicious content downloads from popular cloud apps occur in 88% of organizations every month.
DLP as a strategy for mitigating genAI risk is growing in popularity globally at modest rates, from 42% in the summer of 2024 to 45% at the end of the year.
Microsoft was the most targeted brand among cloud apps at a rate of 42%.
In 2024, 88% of all employees used personal cloud apps each month.
ChatGPT is being used in 84% of organisations.
45% of organisations use DLP to control the flow of data into GenAI apps.
GenAI adoption continues to increase, with the number of genAI users nearly tripling year-over-year and 94% of organizations now using genAI apps, up from 81% a year ago, increasing data risk to organizations worldwide.
DLP adoption continues to rise, with 45% of organizations using DLP to control data flow into genAI apps.
Organisational use of GenAI grew from 81% of companies using GenAI apps in 2023 to 94% in 2024.
Employee use rate of GenAI apps tripled from 2.6% of all people in organisations to 7.8%.
Organisations now use an average of 9.6 GenAI apps, up from 7.6 a year ago.
Adversary activity in 2024 mirrored the broader geopolitical landscape, with Russian groups TA577 and UAC-0050 and the Chinese group Salt Typhoon among the most active worldwide.
42% of users click on links targeting Microsoft credentials, followed by Adobe (18%), DocuSign (15%), Yahoo (10%), and AOL (5%).
GitHub is the top app for malicious downloads at 15%, followed by OneDrive (10%), Google Drive (6.7%), Amazon S3 (4.9%), and Box (1.5%).
34% of organisations use real-time interactive user coaching to empower individuals to make appropriate and informed decisions.
The top 25% of organizations now use at least 24 apps, while the bottom 25% use at most four apps. At the current trajectory, the average will increase modestly by another two apps in 2025.
The most popular genAI apps, based on the percentage of organizations using them, are: ChatGPT (84%), Grammarly (57%), Google Gemini (53%), Microsoft Copilot (50%), Perplexity AI (47%), GitHub Copilot (35%), VEED (35%), Gamma (35%), Otter.ai (29%), and Writesonic (28%).
Blocking is common, with 73% of organizations blocking at least one app and the breadth of the blocks rising in the most aggressive organizations.
On average, the number of genAI apps blocked per organization has remained steady over the past year and is currently at 2.4 apps per organization.
There has been a significant increase in the number of apps blocked by the top 25% of organizations, where the number of blocked apps more than doubled from 6.3 to 14.6 over the past year.
Only 27% of the time does the user proceed when presented with a real-time coaching prompt. The other 73% of the time, the user decides not to continue based on the information provided in the coaching prompt.
73% of the time, when prompted with warnings of a potential company violation, users opt not to proceed based on coaching information provided.
Phishing is on the rise globally, with 8.4 out of every 1,000 users (2.9 in 2023) clicking a phishing link per month, nearly triple last year’s average, with Microsoft 365 credentials being the top target.
Personal app use is rampant in the enterprise, with more than one out of every four users (26%) uploading, posting, or otherwise sending data to personal apps every month, with personal use of cloud storage, webmail, and genAI apps posing the most significant risks to organizations worldwide.
The most common type of data policy violation was for regulated data (60%), including personal, financial, or healthcare data being uploaded to personal apps.
The overwhelming majority of users (88%) use personal cloud apps each month, with 26% uploading, posting, or otherwise sending data to personal apps.