Enterprise AI and SaaS Data Security Report 2025

This report provides an analysis of enterprise AI and SaaS usage, focusing on blind spots, governance gaps, and data leakage channels. It highlights the rapid adoption of SaaS and Generative AI tools in enterprise environments, where nearly every business workflow is conducted through web browsers. The findings reveal that employees are increasingly accessing critical applications through unmanaged accounts and uploading sensitive files into Generative AI platforms, leading to significant data leakage risks. The report details how traditional data loss prevention (DLP) solutions are inadequate for these new challenges and emphasizes the need for a new approach to DLP that addresses both file-based and file-less data flows. It also discusses the prevalence of sensitive data being uploaded to AI tools and file-sharing platforms, with alarming statistics indicating that a substantial portion of these uploads contain personally identifiable information (PII) or payment card information (PCI). The report concludes with recommendations for Chief Information Security Officers (CISOs) to enhance data governance and security measures in light of these findings.