Latest news with #StateofDataSecurityReport
Techday NZ
20-05-2025
- Business
- Techday NZ
AI tools expose sensitive data at 99% of organisations
A report from Varonis has found that 99% of organisations have sensitive data exposed to artificial intelligence tools due to security shortcomings. The State of Data Security Report: Quantifying AI's Impact on Data Risk examined the data risk landscape in 1,000 real-world IT environments, focusing on how AI-driven technology may amplify the vulnerability of sensitive information. The findings suggest that widespread issues such as misconfigurations, overly permissive access, and other data security gaps are contributing to the exposure of confidential data. "The productivity gains of AI are real — and so is the data security risk," said Varonis Chief Executive, President, and Co-Founder Yaki Faitelson. "CIOs and CISOs face enormous pressure to adopt AI at warp speed, which is driving the adoption of data security platforms." "AI runs on data, and taking a data-centric approach to security is critical to avoid an AI-related data breach," Faitelson continued. Varonis conducted its analysis by assessing data from nearly 10 billion cloud resources, spanning more than 20 petabytes, across commonly used infrastructure-as-a-service and software-as-a-service applications. These included AWS, Microsoft Azure, Google Cloud, Box, Salesforce, Microsoft 365, Okta, Databricks, Slack, Snowflake, and Zoom, among others. The report found that 99% of organisations surveyed had sensitive data unnecessarily exposed to AI tools. Moreover, 90% of sensitive cloud data, including data used for AI training, was open and accessible to AI-powered tools, raising concerns about the potential for unintended data leakage. The report also revealed that 98% of organisations had unverified applications, including instances of so-called shadow AI, within their environments. This means that unauthorised or unmanaged AI applications are operating in the background, potentially increasing the risk of data breaches and compliance failures. Another key finding highlighted that one in seven organisations did not enforce multi-factor authentication across their SaaS and multi-cloud environments. Organisations may be more susceptible to unauthorised access and related risks without multi-factor authentication. The analysis further noted that 88% of organisations had ghost users—accounts that are no longer in active use but have not been de-provisioned—lingering in their environments. If left unchecked, such accounts can provide an entry point for cybercriminals. The empirical approach of the study sets it apart, as Varonis stated it was based on the analysis of active organisational environments rather than self-reported surveys about AI readiness. This method provided a more accurate reflection of the current state of cloud and data security risks associated with AI adoption. The increasing drive for AI-enabled productivity is evident in IT environments, but the report points out that many organisations may not have implemented the necessary controls for safeguarding sensitive information. The findings suggest that a technical and policy focus on closing security gaps and reducing unnecessary data exposure is required to mitigate the potential risks.
Yahoo
20-05-2025
- Business
- Yahoo
AI is a Ticking Time Bomb for Your Data, Reveals New Report From Varonis
The State of Data Security Report shares findings from 1,000 real-world IT environments to uncover the dark side of the AI boom Varonis' State of Data Security Report: Exposing Data at Risk in the Age of AI MIAMI, May 20, 2025 (GLOBE NEWSWIRE) -- A new report from Varonis reveals 99% of organizations have sensitive data exposed to AI. The State of Data Security Report: Quantifying AI's Impact on Data Risk examines how much sensitive information is exposed and vulnerable to AI tools due to misconfigurations, overly permissive access, and other data security gaps. 'The productivity gains of AI are real — and so is the data security risk,' said Varonis CEO, President, and Co-Founder Yaki Faitelson. 'CIOs and CISOs face enormous pressure to adopt AI at warp speed, which is driving the adoption of data security platforms. AI runs on data, and taking a data-centric approach to security is critical to avoid an AI-related data breach.' Varonis analyzed data risk assessments from 1,000 organizations — providing empirical evidence of risk, not conclusions based on AI readiness surveys and polls. The dataset included nearly 10 billion cloud resources — over 20 petabytes of data — within popular IaaS and SaaS applications and services, including AWS, Microsoft Azure, Google Cloud, Box, Salesforce, Microsoft 365, Okta, Databricks, Slack, Snowflake, Zoom, and many others. In the organizations examined, Varonis found: 99% have sensitive data unnecessarily exposed to AI tools. 90% of sensitive cloud data, including AI training data, is open and accessible to AI tools. 98% have unverified apps, including shadow AI, within their environments. 1 in 7 do not enforce MFA across SaaS and multi-cloud environments. 88% have ghost users lurking in their environments. Get the State of Data Security Report: Exposing Data at Risk in the Age of AI. Additional Resources: See Varonis in action: schedule a 30-minute demo. Check out these Varonis integrations. For more information on Varonis' solution portfolio, please visit Visit our blog and join the conversation on X, LinkedIn, and YouTube. About VaronisVaronis (Nasdaq: VRNS) is the leader in data security, fighting a different battle than conventional cybersecurity companies. Our cloud-native Data Security Platform continuously discovers and classifies critical data, removes exposures, and detects advanced threats with AI-powered automation. Thousands of organizations worldwide trust Varonis to defend their data wherever it lives — across SaaS, IaaS, and hybrid cloud environments. Customers use Varonis to automate a wide range of security outcomes, including data security posture management (DSPM), data classification, data access governance (DAG), data detection and response (DDR), data loss prevention (DLP), AI security, and insider risk management. Varonis protects data first, not last. Learn more at Investor Relations Contact:Tim PerzVaronis Systems, Inc.646-640-2112investors@ News Media Contact:Rachel HuntVaronis Systems, Inc.877-292-8767 (ext. 1598)pr@ A photo accompanying this announcement is available at in to access your portfolio
