2025 Data Security Landscape

Resolving a data loss incident can take between one and four weeks for more than one in five organizations (21%).

Just 1% of users are responsible for 76% of data loss events.

46% of organizations cite cloud and SaaS data sprawl as a top challenge. ).

32% of organizations flag unsupervised data access by agents as a critical threat.

31% of organizations say redundant or obsolete data poses significant risk.

Over a third of organizations worry about sensitive data being used in AI training.

Over a quarter (29%) of organizations saw their data grow 30% or more over the past year.

32% of organizations attribute their most significant data loss events to malicious insiders.

Among enterprises with over 10,000 employees, 41% manage more than a petabyte of data.

44% of organizations lack sufficient visibility and controls over GenAI tools.

Respondents reported an average of 11 data loss incidents per year, with some organizations experiencing multiple incidents each month.

58% of organizations attribute their most significant data loss events to careless employees or third-party contractors.

27% of cloud storage is abandoned (unused data that inflates costs and widens the attack surface).

Two-thirds (65%) of organizations have already deployed AI-enhanced data security capabilities to classify data.

64% of organizations rely on six or more data security vendors.

Two in five organizations cite data loss via public or enterprise GenAI tools as a top concern.

42% of organizations attribute their most significant data loss events to compromised users.