Bedrock Security has recently revealed that enterprises are facing a significant challenge when it comes to visibility into their own data, which is leading to increased security risks. As organizations and their employees continue to adopt AI technology, the lack of visibility into data is becoming a growing concern.
According to a recent study conducted by Bedrock Security, the majority of organizations are struggling to track sensitive information across their sprawling cloud environments. This lack of visibility not only leaves them vulnerable to data breaches but also puts them at risk of compliance failures. The research also highlights a shift in security roles, with nine out of ten professionals reporting that their responsibilities have evolved in the past year, particularly in the areas of data governance and AI oversight.
Cybersecurity professionals have reported gaps in finding and classifying organizational data across production, customer, and employee data stores. A staggering 53% of security teams lack continuous and up-to-date visibility, with most of them taking days or even weeks to identify and locate sensitive data assets. This delay in identifying sensitive data assets increases the risk of data breaches, especially as the average cost of a data breach has risen to nearly $5 million.
Bruno Kurtic, CEO at Bedrock Security, emphasized the widespread nature of the problem, stating that organizations are generating, copying, and storing data across multiple environments, creating numerous blind spots. A concerning finding from the survey is that 76% of organizations are unable to produce a complete data asset inventory within hours when needed for compliance or security incidents, leaving them vulnerable to fast-moving threat actors.
The research also reveals a significant shift in security responsibilities, with 86% of professionals reporting changes in their role over the past year. These changes include an increased focus on infrastructure security and taking on new data-centric responsibilities, particularly in the area of AI data. The survey also highlighted specific changes in roles based on job titles, such as CISOs/CSOs/CTOs taking on new data discovery responsibilities for AI initiatives.
One of the key findings of the research is that most organizations struggle to track what data feeds into their AI systems, with 48% expressing high confidence in controlling sensitive data used for AI/ML training. This lack of control poses serious risks for data leakage, compliance violations, and reputational damage. Security teams identified the top four AI security hurdles, including struggles in classifying sensitive data used in AI/ML systems and enforcing policies on training data usage.
Overall, the study emphasizes the need for organizations to focus on AI/ML data usage governance, strengthen policy enforcement across cloud environments, improve data classification, and enhance security tools with better data awareness. By addressing these priorities and collaborating around a unified solution for data security and management challenges, organizations can better protect their sensitive information in the evolving landscape of AI adoption and increasing security risks.