27% of phishing emails observed in 2024 contained over 1,000 characters, indicating the use of generative AI in their creation.

32% of organizations flag unsupervised data access by agents as a critical threat.

44% of organizations lack sufficient visibility and controls over GenAI tools.

Over a third of organizations worry about sensitive data being used in AI training.

Two in five organizations cite data loss via public or enterprise GenAI tools as a top concern.

When asked which egress channels for the outflow of sensitive data does your organization worry most about, 56% said Generative AI tools like ChatGPT.

45% of respondents are very concerned about sensitive data being shared with generative AI tools like ChatGPT.

Only 12% of organizations feel fully prepared to detect or respond to sensitive data being shared with GenAI tools.

43% of small companies (<100 employees) are concerned with the emergence of generative AI.

45% of medium companies (100-499 employees) are concerned with the emergence of generative AI.

47% of large companies (500-9999 employees) are concerned with the emergence of generative AI.

52% of very large companies (10000+ employees) are concerned with the emergence of generative AI.

36% of organizations say GenAI is somewhat concerning for API security.

10% of organizations were not confident at all in their ability to detect and respond to attacks leveraging Generative AI.

57% of organizations train developers on secure coding practices for AI-generated code.

3% of organizations are taking other measures to mitigate the risks of using Generative AI to develop APIs.

More than half (59%) of organizations are leveraging GenAI within their own security operations to streamline threat detection and risk mitigation.

9% of organizations have no plans to use GenAI in API development.

5% of organizations reported that GenAI is not a concern at all for API security.

13% of organizations reported using GenAI for all API development.