AI Adoption Is Skyrocketing, So Why Are Enterprises Still Flying Blind on Security?

By Cindy Huynh , Communications Manager

June 4, 2025

2 minute read

A new BigID report reveals just how unprepared organizations are for the risks AI brings—from data leaks to compliance failures. The AI Risk & Readiness in the Enterprise: 2025 Report is a wake-up call: despite the hype, most organizations still lack the guardrails to secure their AI initiatives.

Here’s the reality:

Only 6% of organizations have a mature AI security strategy.
Nearly half don’t have any AI-specific security controls.
And 64% lack visibility into their AI risks altogether.

That means enterprises are charging ahead with AI adoption without knowing who has access to sensitive data, how AI models are interacting with it, or how to stay compliant with fast-moving regulations.

Shadow AI Is Real. And It’s Growing.

The rise of unmonitored, unauthorized AI tools—known as Shadow AI—is making the situation even riskier. These tools are being used in the wild, bypassing corporate policies and opening the door to data leaks and compliance violations.

For many companies, it’s not just a gap in oversight but a full-blown blind spot.

AI Risk Looks Different in Every Industry

The report also dives into how key industries are struggling in different ways:

Financial services: Only 38% have AI-specific data protection, despite handling highly sensitive information.
Healthcare: More than half say complying with AI regulations is a major challenge.
Retail: 48% have no visibility into how AI models handle customer data.
Tech: Ironically, 42% of tech companies operate without any formal AI risk management strategy.

So What Can Companies Do About It?

BigID’s report outlines clear steps to help enterprises get ahead of the risk:

Monitor and respond to AI risks in real time.
Build AI-aware data governance strategies.
Put controls in place to rein in Shadow AI.
Align security and compliance strategies with global regulations through a holistic AI TRiSM (Trust, Risk, and Security Management) framework.

Organizations must rethink their approach to data in the age of AI. Implementing robust AI governance isn’t just about compliance—it’s about protecting your most valuable assets and gaining a competitive advantage through safer innovation.

– Eyal Sacharov, SVP of Research, BigID.

The Bottom Line

AI isn’t slowing down. Neither are the risks.

Download the full report to see how your organization stacks up—and what you can do to close the gap between AI ambition and AI security.

Book a demo today to learn more.

Cindy Huynh

Communications Manager

Cindy is a communications manager with over 7+ years of experience helping companies tell their stories to relevant stakeholders. At BigID, she is working with her team to tell a new story about why data security, privacy and governance is important through different PR campaigns and media outreach.

Contents

Shadow AI Is Real. And It’s Growing.
AI Risk Looks Different in Every Industry
So What Can Companies Do About It?
The Bottom Line

AI TRiSM: Ensuring Trust, Risk, and Security in AI with BigID

Download the white paper to learn what AI TRiSM is, why its important now, its four key pillars, and how BigID helps implement the AI TRiSM framework to ensure that AI-driven systems are secure, compliant, and trustworthy.

Download Whitepaper

See All Posts

5 Steps for Effective Data Security Governance

March 24, 2023

Data Protection

Data Curation Role in Data Management

March 27, 2025

Data Governance

Navigating Brazil's LGPD: Compliance Made Simple

May 16, 2023

Data Privacy