AI tools expose sensitive data at 99% of organisations
The State of Data Security Report: Quantifying AI's Impact on Data Risk examined the data risk landscape in 1,000 real-world IT environments, focusing on how AI-driven technology may amplify the vulnerability of sensitive information. The findings suggest that widespread issues such as misconfigurations, overly permissive access, and other data security gaps are contributing to the exposure of confidential data.
"The productivity gains of AI are real — and so is the data security risk," said Varonis Chief Executive, President, and Co-Founder Yaki Faitelson. "CIOs and CISOs face enormous pressure to adopt AI at warp speed, which is driving the adoption of data security platforms."
"AI runs on data, and taking a data-centric approach to security is critical to avoid an AI-related data breach," Faitelson continued.
Varonis conducted its analysis by assessing data from nearly 10 billion cloud resources, spanning more than 20 petabytes, across commonly used infrastructure-as-a-service and software-as-a-service applications. These included AWS, Microsoft Azure, Google Cloud, Box, Salesforce, Microsoft 365, Okta, Databricks, Slack, Snowflake, and Zoom, among others.
The report found that 99% of organisations surveyed had sensitive data unnecessarily exposed to AI tools. Moreover, 90% of sensitive cloud data, including data used for AI training, was open and accessible to AI-powered tools, raising concerns about the potential for unintended data leakage.
The report also revealed that 98% of organisations had unverified applications, including instances of so-called shadow AI, within their environments. This means that unauthorised or unmanaged AI applications are operating in the background, potentially increasing the risk of data breaches and compliance failures.
Another key finding highlighted that one in seven organisations did not enforce multi-factor authentication across their SaaS and multi-cloud environments. Organisations may be more susceptible to unauthorised access and related risks without multi-factor authentication.
The analysis further noted that 88% of organisations had ghost users—accounts that are no longer in active use but have not been de-provisioned—lingering in their environments. If left unchecked, such accounts can provide an entry point for cybercriminals.
The empirical approach of the study sets it apart, as Varonis stated it was based on the analysis of active organisational environments rather than self-reported surveys about AI readiness. This method provided a more accurate reflection of the current state of cloud and data security risks associated with AI adoption.
The increasing drive for AI-enabled productivity is evident in IT environments, but the report points out that many organisations may not have implemented the necessary controls for safeguarding sensitive information. The findings suggest that a technical and policy focus on closing security gaps and reducing unnecessary data exposure is required to mitigate the potential risks.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
3 days ago
- Techday NZ
Salesforce unveils Agentforce to speed up quoting for sellers
Salesforce has introduced Agentforce for Revenue, a new feature embedded within Revenue Cloud, designed to significantly reduce the time and effort sales representatives spend on generating and managing quotes. According to Salesforce, Agentforce for Revenue enables sales teams to produce accurate quotes in seconds by simply describing their requirements, such as "Quote 25 licenses with a 10% discount." The tool then automatically configures the relevant products, pricing, and legal terms. Internally, Salesforce reports that Agentforce has reduced quoting times by 75% and cut the number of required clicks by 87% for its own sales personnel. Cutting manual work The solution aims to relieve sellers of the administrative burden typical in quote generation. Sales representatives often need to navigate through multiple SKUs, interpret complex pricing, check legal conditions, and wait for various approvals, all of which can introduce errors or delays in the sales cycle. Salesforce states that these issues directly impact deal velocity and revenue growth. "Revenue Cloud is transforming the way we do business," said Bill Francy, President of Client Services at AdMed, Inc. "We're currently piloting the new quoting agent, and we expect it to cut manual work, accelerate deal cycles, and get quotes to clients faster than ever. It's not just about efficiency. It's about unlocking more closed-won opportunities and scaling smarter." AdMed, a provider of training in the pharmaceutical and biotech sectors, is among the customers already piloting the new tools. Bill Francy's comments reflect expectations that Agentforce will simplify work processes and help to accelerate outcomes in sales operations. Product configuration enhancements In addition to fast quote generation, Revenue Cloud now features an enhanced Product Configurator. This system allows sellers to tailor complex offerings, handling quotes with over a thousand line items. Salesforce notes that the configurator incorporates a constraint-based logic engine, supplementing the typical rules-based configuration to accommodate complex business needs. It uses bidirectional rules and templates intended to simplify maintenance and speed up the process of getting quotes to customers. The company likens this new engine to a GPS for quoting, driving representatives towards valid configurations in real time and further reducing time-to-quote. API-first architecture Another major change highlighted by Salesforce is the platform's API-first design. Every revenue process is now embedded as an API, which allows businesses to easily connect revenue channels, deploy agents, and scale automation through various interfaces. This flexible architecture enables the deployment of Agentforce on any channel and integrates revenue processes across different segments of a business. "Salesforce CPQ helped usher in the second wave of revenue management by enabling recurring revenue at scale," said Meredith Schmidt, EVP and GM of Revenue Cloud at Salesforce. "Now, with Revenue Cloud, we're delivering the third wave: revenue management powered by an API-first, composable, and agent-ready platform that lets revenue flow seamlessly across every channel, from sales reps and partner portals to self-service and field service." Unified data and security Agentforce and Revenue Cloud combine structured and unstructured data - such as purchase histories, product catalogues, and asset insights - into Salesforce's Data Cloud. The company states that this unified data powers Agentforce's artificial intelligence, allowing teams to automate tasks beyond simple suggestions, and to deploy agents that can carry out end-to-end sales activities autonomously. Salesforce also emphasises security, with Agentforce operating within employee-specific permissions and adhering to internal policies and pricing rules via the Salesforce Trust Layer. This is designed to prevent unauthorised data access while ensuring compliance throughout the quoting process. Additional features The latest release of Revenue Cloud introduces several further capabilities. Sellers can use Agentforce within Slack and directly from Salesforce opportunity, quote, and account records. This integration aims to streamline workflows by allowing quotes to be generated, edited, and finalised without switching between different tools. Revenue Cloud Billing supports end-to-end processes from quote to invoice, while embedded analytics give real-time visibility into revenue operations via Tableau Next. Salesforce confirms ongoing support for existing Salesforce CPQ customers, allowing them to continue using their current systems with full contract support and the ability to add licences. The company offers a network of partners to assist businesses interested in migrating to Revenue Cloud and adopting its new agent-assisted capabilities.
Techday NZ
5 days ago
- Techday NZ
Saviynt & AWS partner to enhance AI-driven identity security
Saviynt has entered into a strategic collaboration agreement with Amazon Web Services (AWS) to advance the delivery of AI-powered identity security solutions for organisations. The partnership will bring together Saviynt's Identity Cloud platform and AWS's generative AI services, notably Amazon Q Business, to enhance Identity Security Posture Management (ISPM) through deeper technological integration. This collaboration aims to provide organisations with a scalable and secure digital foundation for their transformation initiatives. Integration with Amazon Q Business Under the terms of the agreement, Saviynt's identity security platform will be embedded as a Data Accessor within the Amazon Q index. This native integration will enable real-time access to identity data and governance insights within the AWS ecosystem, targeting improved security posture and risk mitigation for enterprise clients. "We are excited to collaborate with AWS to bring Saviynt's next-generation identity governance into the Amazon Q ecosystem. This native integration in Amazon Q Business will help organizations embed AI-driven identity insights into critical workflows and drive stronger cloud security outcomes," said Paul Zolfaghari, President at Saviynt. The collaboration involves dedicated AWS support in co-selling, marketing, and further product development efforts. The integration is designed to facilitate large organisations' ability to manage identity security at scale while leveraging advanced analytics driven by AI. Addressing identity risk Saviynt's participation as a native Data Accessor within Amazon Q index is positioned to help enterprises address a range of identity security challenges. This includes managing risk from fragmented security tools, unauthorised or shadow access, and the lack of consolidated visibility into the identity landscape across data, devices, and infrastructure. "Today's organizations face mounting identity risk from fragmented tools, shadow access, and limited visibility across data, devices, and infrastructure. By integrating Saviynt's intelligent identity governance with Amazon Q index's analytics platform, we're enabling enterprises to gain a unified, context-aware view of identity posture - driving smarter decisions, reducing risk, and accelerating Zero Trust maturity," said Vibhuti Sinha, Chief Product Officer at Saviynt. With these integrations, enterprise customers will be able to access a number of new capabilities within the Amazon Q experience: Faster compliance and audit reviews: Automated surfacing of access assignment events, approval tickets, and policy documentation to accelerate compliance checks and streamline audits. Automated surfacing of access assignment events, approval tickets, and policy documentation to accelerate compliance checks and streamline audits. Simplified investigations: Real-time, unified views of identity events and related tickets reduce the need for manual searches across platforms such as ServiceNow, Jira, GDrive, or SharePoint. Real-time, unified views of identity events and related tickets reduce the need for manual searches across platforms such as ServiceNow, Jira, GDrive, or SharePoint. More accurate access decisions: Improved validation of user access against compliance policies and documented approvals, supporting faster and more consistent governance outputs. Improved validation of user access against compliance policies and documented approvals, supporting faster and more consistent governance outputs. Greater operational efficiency: Quicker response times and enhanced productivity provided by seamless access to historical identity data and governance context. These new features are expected to have significant impact in regulated industries, including financial services, healthcare, and manufacturing, where audit readiness, compliance, and least-privilege access are high priorities and often mandated by regulation. The collaboration marks continued investment from both AWS and Saviynt in co-developing solutions tailored to the challenges of digital transformation in large, complex organisations. The integration of identity security posture management with generative AI is intended to streamline governance, reduce manual intervention, and help enterprises align with zero trust security models. Both companies point to the opportunity to provide organisations with more responsive, reliable, and context-rich identity governance as the broader business landscape continues to digitise and evolve regulatory frameworks around data, privacy, and security practices. Follow us on: Share on:
Techday NZ
6 days ago
- Techday NZ
Cyber threats surge with rise in infostealers & Linux attacks
Barracuda Networks researchers have reported a notable rise in cyber threats over the past month, with substantial increases in infostealer attacks, threats targeting Linux servers, and suspicious login attempts to AWS consoles. Infostealer attacks Barracuda's SOC threat analysts identified a 35% increase in detections related to infostealer malware, which is used to steal credentials, hijack sessions, conduct cyber espionage, and facilitate data exfiltration. Interpol recently decommissioned 20,000 IP addresses linked to 69 infostealer variants. The report outlined the primary methods through which infostealers are delivered. Attack vectors include phishing emails urging users to click on malicious links or download infected attachments, drive-by downloads from websites, software exploits targeting unpatched vulnerabilities, and bundled software, especially pirated applications. Specific signs pointing to infostealer activity within an organisation include sudden or unusual account activity, a surge in help desk requests linked to lost credentials, system slowdowns, and unexpected pop-ups or ads, which may signal malware presence. "A robust endpoint security solution such as Barracuda Managed XDR Endpoint Security that can detect and block malware in real time is the best defence against infostealer malware." "Enforce the use of multifactor authentication (MFA) to make it harder for attackers to breach accounts even if credentials are compromised. Implement security awareness training for employees on the latest phishing tactics and safe browsing. Implement advanced email security to detect and block phishing attempts before they reach users. Keep systems and software updated with the latest security patches. Prevent employees from downloading and installing pirate versions of applications to their work accounts." Linux servers under threat The report also indicated a 56% jump in attacks on Linux servers. Among the reasons highlighted are a reported 3,300 new Linux vulnerabilities in 2025 alone, a 130% rise in the number of attacks over the previous year, and two critical vulnerabilities announced in June 2025. The widespread use of Linux systems for servers, cloud infrastructure, and IoT devices has contributed to these systems being frequently targeted. Threats include malware attacks such as ransomware, rootkits, backdoors, distributed denial of service (DDoS) attacks, exploitation of unpatched software flaws, and the hijacking of server resources for unauthorised cryptocurrency mining. Indicators of compromise might include traffic spikes to unfamiliar IP addresses, abnormal account behaviour, system slowdowns, and configuration changes to critical files. "Keep systems, including operating systems, and software updated with the latest security patches. Implement firewalls to restrict access to critical services and monitor incoming and outgoing traffic for suspicious activity." "Enforce strong password and authentication policies, and consider using key-based authentication for SSH (a cryptographic protocol for secure remote login) access to reduce the risk of brute-force attacks. Implement a robust backup and recovery plan to limit the operational impact and quickly restore services following an incident. Deploy an extended detection and response (XDR) solution - ideally covering endpoints, servers and networks - as this features intrusion detection systems (IDS) that monitor activity and alert administrators to potential threats in real time." AWS login concerns Analysts observed a 13% increase in suspicious login attempts to the AWS Management Console. While smaller than the increases seen for other attack categories, these attempts present notable risks, including credential theft, brute-force attacks, phishing using social engineering, and potential account takeover. A successful breach could allow attackers to manipulate AWS resources, exfiltrate data, or use compromised accounts for additional attacks. Warning signs include login attempts from unusual locations or IP addresses, a high number of failed logins, or sudden shifts in resource usage or account configurations. "Enforce the use of strong passwords and multifactor authentication (MFA) to make it harder for attackers to breach accounts even if credentials are compromised. Implement security awareness training for employees on the latest phishing tactics and safe browsing. Continuously check for and correct misconfigurations in cloud service settings. Implement network segmentation, and restrict employees' access permissions to limit access to sensitive areas of the network. Deploy an XDR cloud security solution that will check regularly for unusual login activity and flag any suspicious events." The report attributes these increases to a surge in cybercriminal activity targeting technological vulnerabilities and user awareness gaps, and outlines practical recommendations for organisations to reduce the risk of falling victim to such attacks.
