Cloud and Threat Report: 2026

Clicks on phishing links decreased by 27%, from 119 per 10,000 users last year to 87 per 10,000 users this year.

60% of insider threat incidents involved personal cloud application instances in 2025.

The average organization saw a twofold increase in data policy violations related to generative AI applications over the past year.

The average organization experienced 223 incidents of data policy violations related to generative AI applications each month from October 2024 to October 2025.

The percentage of AI users utilizing personal AI applications decreased from 78% to 47% from 2024 to 2025.

87 out of every 10,000 users clicked on a phishing link each month in 2025.

The percentage of users uploading data to personal cloud applications increased by 21% over the past year, with 31% of users in the average organization uploading data monthly.

12% of organizations detected employee exposure to malware via GitHub each month in 2025.

Regulated data accounted for 54% of data policy violations linked to personal cloud applications in 2025.

The top 25% of organizations experienced an average of 2,100 data policy violation incidents per month across 13% of their generative AI user base in 2025.

The number of organizations implementing real-time controls on data sent to personal applications increased from 70% to 77% from the previous year.

The number of users utilizing SaaS generative AI applications tripled in the average organization from October 2024 to October 2025.