SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Malware
#
Firewalls
#
Network Security

GenAI surge boosts productivity but raises security concerns

Wed, 11th Jun 2025
Author image
By Sean Mitchell, Publisher

Organisations have rapidly integrated generative AI (GenAI) into critical business operations, prompting both significant productivity gains and an increase in complex security risks.

According to a recent report released by Palo Alto Networks, which draws insights from over seven thousand customers worldwide, the adoption of GenAI has experienced a marked escalation, moving from a novelty to becoming an organisational necessity during 2025. The company's Senior Vice President of Network Security, Anand Oswald, authored the report, entitled "The State of Generative AI in 2025." The findings highlight both the positive impact of GenAI and the pressing need for robust security strategies.

Surging adoption

Palo Alto Networks' analysis shows that GenAI traffic within enterprises rose by over 890% in 2024, a figure that underscores the technology's transition from hype to critical utility. The report indicates notable surges, with a significant rise in October that may correspond to the scaling up of production initiatives across organisations.

This increase in GenAI usage reveals a trend where tools are introduced into workplaces at an accelerated rate—often without formal approval or oversight from IT departments. As the report notes, this presents new challenges for chief information security officers (CISOs), chief information officers (CIOs), and other IT security professionals in managing the organisational impact of unvetted AI tools.

Rising data security incidents

Correlated with the increased adoption of GenAI is a substantial growth in data security incidents relating to its use. The report states that data loss prevention (DLP) incidents linked to GenAI use more than doubled in early 2025. On average, organisations now face a 2.5-fold increase in monthly GenAI-related data incidents, representing 14% of all data security incidents detected in SaaS traffic.

The proliferation of GenAI applications is evident, with an average of 66 different GenAI applications in use within each organisation. Of these, around 10% are classified as high risk. The report raises concerns about 'shadow AI', a term referring to employees' unauthorised use of AI tools without IT approval or knowledge. This can expose businesses to the loss of sensitive data, regulatory breaches, and loss of control over intellectual property.

The observations from the report underscore a new era of risks for enterprises. "Shadow AI," the unauthorized use of AI tools by employees without IT knowledge or approval, means businesses are at heightened risk of exposing sensitive data, violating regulations and losing control of intellectual property.

Regulatory challenges

The report also highlights difficulties presented by a rapidly evolving regulatory environment. New and emerging laws governing AI and data usage are being established worldwide, raising the stakes for compliance and increasing business uncertainty. Noncompliance may carry substantial penalties, and stringent controls are often required to protect personal and sensitive information processed by GenAI applications.

"The uncomfortable truth is that for all its productivity gains, there are many growing concerns – including data loss from sensitive trade secrets or source code shared on unapproved AI platforms. There's also the risk in using unvetted GenAI tools that are vulnerable to poisoned outputs, phishing scams, and malware disguised as legitimate AI responses," the report states.

Security measures

Against this backdrop, Palo Alto Networks is recommending a 'proactive, multilayered approach' to GenAI governance and risk mitigation for organisations seeking to capitalise on AI's benefits while minimising exposure. A series of best practices are suggested, including:

Organisations are advised to understand and control GenAI usage within their networks, implementing conditional access management that limits who can access specific AI platforms and applications based on various criteria such as user roles, device compliance, and business justification.

The report advocates for real-time content inspection and centralised policy enforcement to guard sensitive data from unauthorised access or leakage, deploying these controls across organisational infrastructure and within data security workflows.

A zero trust security framework is also recommended to defend against sophisticated AI-based threats, including sophisticated malware and malicious content that may be masked as legitimate GenAI application responses.

Management commentary

Summarising the findings, the report stresses the importance of comprehensive security management as AI usage scales within enterprises. The increasing reliance on unsanctioned AI tools can expose organisations to "greater risk of data leakage, compliance failures and security challenges."

The report calls for prioritisation of data controls, robust access management, and continuous employee training. It says: "It is imperative not to let the speed of innovation outpace your safeguards. To harness the full potential of GenAI while mitigating its risks, prioritizing strong data controls, access management and ongoing employee training is crucial for laying the foundation for secure GenAI adoption."

Security solutions

Palo Alto Networks points to its own "AI Access Security" technology as a means for organisations to manage these risks. The company states that the solution enables safe use of third-party GenAI applications by offering real-time oversight, governance, advanced threat detection, and prevention of sensitive data exposure. The goal is to allow businesses to realise the advantages of GenAI without sacrificing their security posture.

The report concludes by encouraging organisations to acquaint themselves fully with the current GenAI landscape in order to build effective, up-to-date security strategies. "The future of AI in the enterprise is unfolding now. Don't get left behind, or worse, let your organization be exposed to security risks. Dive into 'The State of Generative AI in 2025' report to understand the current landscape, navigate the benefits and risks of GenAI, and learn how to build a robust security strategy that keeps pace with AI innovation. Equip yourself with the knowledge to champion secure GenAI adoption and insights that position you for success in the AI revolution."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
SMBs overestimate cyber readiness as tools & AI uptake lag
Over 80,000 Microsoft Entra ID accounts hit by major takeover campaign
Milestone launches Project Hafnia for AI-driven city management
Digital.ai launches Quick Protect Agent for rapid app defence
Swimlane secures USD $45m funding to drive AI automation growth
Top stories
Upwind names Rinki Sethi Chief Security Officer amid growth
Fake booking sites push malware as HP warns of click fatigue
Red Canary deploys AI agents to slash security investigation times
ReliaQuest details Black Basta’s legacy & rise of Teams phishing
Salesforce industry cloud flaws put sensitive data at global risk