TL;DR: Eighty-five percent of organisations experienced at least one data loss incident in the past year, careless users drove 58% of cases, and just 1% of users accounted for 76% of data loss events, showing how human behaviour, sprawl, and AI are reshaping exposure, according to Proofpoint’s 2025 Data Security Landscape report. The governance problem is no longer only data classification but controlling who and what can move sensitive data at scale.
At a glance
What this is: The report finds that enterprise data loss is widespread, driven mainly by human behaviour, while AI agents and GenAI are adding a new layer of data exposure risk.
Why it matters: For IAM, NHI, and data security teams, the finding matters because access scope, visibility, and behaviour controls now have to cover both people and agent-driven interactions with sensitive data.
By the numbers:
- A striking 85% of organizations experienced at least one data loss incident in the past year.
- Just 1% of users account for 76% of data loss events.
- 29% of organizations saw their data increase by, se by 30% or more in the past year.
👉 Read Proofpoint's 2025 Data Security Landscape report on data loss, insiders, and AI
Context
Enterprise data security fails when organisations try to control sensitive information through fragmented tooling, incomplete visibility, and static policy assumptions that do not match how people and AI systems actually use data. In this report, data security is not just a classification problem, it is a governance problem across identity, access, and behaviour as GenAI and AI agents increase the number of actors touching sensitive data.
The identity angle is real because AI agents can act like non-human identities when they access, move, or disclose data without the same oversight applied to human users. That creates a control gap between data protection policy and runtime access behaviour, especially where cloud, SaaS, and collaboration systems already blur ownership boundaries. The article frames a typical enterprise condition, not an edge case.
Key questions
Q: How should security teams reduce data loss when a small number of users drive most incidents?
A: Focus controls on the identities and workflows that create disproportionate exposure. Use behaviour analytics, tighter approval paths, and targeted monitoring for high-risk users rather than applying the same intensity to every account. The goal is to shrink the blast radius where loss is most likely, while preserving usability for low-risk access patterns.
Q: Why do AI agents create a separate data governance problem from human users?
A: AI agents can access and move data at machine speed across systems, but they do not naturally fit human review processes or ownership models. That means teams must govern them as non-human identities with explicit permissions, logging, and revocation paths. If they are treated like ordinary users, oversight gaps appear quickly.
Q: What do organisations get wrong about data security in cloud and SaaS environments?
A: They often assume classification alone will control exposure. In reality, data moves through email, collaboration, storage, and GenAI workflows, so the real risk is uncontrolled access plus poor visibility. Effective programmes pair policy with telemetry, identity context, and behavioural monitoring across the systems where data actually travels.
Q: How can teams know whether unified data security is actually working?
A: Look for faster investigations, fewer blind spots across major data paths, and clearer attribution for who or what moved sensitive data. If analysts still need to stitch together events from many disconnected tools, the programme is not unified enough. Effective control should improve both prevention and reconstruction of incidents.
Technical breakdown
Why data loss increases when human behaviour and access scope diverge
Data loss often emerges when the people with legitimate access are not the same people creating risk. Careless users, misdirected sharing, over-broad permissions, and weak visibility into user behaviour create a gap between policy and actual use. In practice, this means traditional DLP and classification controls can identify sensitive data but still miss the behavioural context that turns normal activity into leakage. The report’s emphasis on a small user cohort driving most incidents reflects a concentration problem, not a universal-user problem.
Practical implication: segment controls by risk behaviour, not only by data label or department.
How AI agents create a new data access surface
AI agents expand the data security problem because they can read, summarise, route, and act on data across multiple systems without fitting neatly into human identity models. An agent may not be malicious, but it can still generate exposure if it has unsupervised access to inboxes, documents, tickets, or knowledge stores. From an identity perspective, this makes the agent a governance object with data permissions, audit requirements, and lifecycle controls. From a security perspective, the key issue is not just data exfiltration, but uncontrolled data movement inside trusted workflows.
Practical implication: treat agent permissions as governed access paths with explicit auditability and revocation.
Why fragmented tooling weakens visibility across cloud and SaaS data
When data security tooling is split across multiple vendors and control planes, investigations become slower and blind spots multiply. Fragmentation makes it harder to trace which user, workload, or agent touched sensitive data, especially in hybrid and multicloud environments. The operational cost is not only analyst fatigue but inconsistent enforcement across email, collaboration, cloud storage, and GenAI tools. A unified view matters because data incidents rarely stay inside a single application boundary.
Practical implication: consolidate telemetry and policy enforcement around the systems where sensitive data actually moves.
Threat narrative
Attacker objective: The objective is to obtain or expose sensitive enterprise data through trusted identity and workflow paths without triggering timely detection.
- Entry occurs through legitimate user access, compromised credentials, or an AI agent embedded in business workflows that can reach sensitive data sources.
- Escalation happens when broad permissions, weak oversight, or poor visibility allow that actor to read, route, or expose data beyond intended scope.
- Impact follows through misdirected disclosure, exfiltration attempts, or unmanaged data leakage across email, SaaS, and GenAI interfaces.
NHI Mgmt Group analysis
Data security has become an identity governance problem. Once sensitive information is touched by humans, service accounts, or AI agents, the question is no longer only where the data lives. The question is who or what can move it, observe it, and disclose it across SaaS and cloud workflows. That makes access scope, auditability, and behavioural context the real control plane for modern data protection.
Behavior-aware controls are now more valuable than blanket policy coverage. The report’s concentration insight, where a small fraction of users drive most loss events, points to a named concept we can call high-risk user concentration: security value comes from focusing monitoring and prevention on the few identities that disproportionately generate exposure. Behaviour analytics, not generic awareness messaging, is what reduces the blast radius.
AI agents widen the governance gap between permission and intent. A system can be authorised to access data and still operate outside the intended business boundary if its prompts, connectors, or actions are not tightly scoped. That makes agent permissions a governance issue across IAM, data security, and operational oversight. Organisations that treat agents as ordinary users will miss the difference between access and accountable use.
Fragmentation is now a measurable security risk, not just an operational nuisance. The report’s note that many teams rely on six or more data security vendors signals a visibility problem that undermines detection and investigation. When telemetry is split, the organisation cannot reliably reconstruct what happened to sensitive data, especially across email, collaboration, and GenAI. Practitioners should read tool sprawl as an exposure multiplier, not a procurement detail.
What this signals
High-risk user concentration is the operating model to watch. When a small share of identities creates most data loss, programme design should move away from broad uniform controls and toward concentrated oversight of the identities, connectors, and workflows that actually generate exposure. That is especially true when AI agents inherit access paths that were originally designed for humans.
Security leaders should expect data governance to converge with identity governance as GenAI adoption expands. The practical challenge is no longer simply classifying data at rest, but proving who or what moved it, where, and under which authority. For that reason, telemetry integration across email, SaaS, and agent workflows becomes a core control objective, not an analytics nice-to-have.
The near-term signal is that tool consolidation will matter less as a procurement preference and more as an investigation requirement. If teams cannot reconstruct a cross-system data path quickly, they will struggle to defend decisions, meet audit expectations, or contain leakage when AI-driven workflows become normal.
For practitioners
- Map high-risk user concentration first Identify the small set of users, roles, and workflows that generate the majority of data loss events, then apply tighter monitoring, approval rules, and DLP controls to those paths first. Use the same approach for AI agents that can touch sensitive repositories.
- Extend access governance to AI agents Inventory agent connectors, prompt-driven workflows, and service identities that can read or route sensitive data. Assign explicit owners, narrow their permissions, and require revocation paths that work when the agent is no longer needed.
- Reduce blind spots across email and SaaS Correlate email, collaboration, cloud storage, and GenAI telemetry so analysts can reconstruct data movement end to end. Prioritise the systems where misdirected sharing and exfiltration attempts already occur in volume.
- Measure exposure by workflow, not just by data class Track how sensitive data actually travels through business processes, including who touches it, which agent or application moves it, and where it leaves approved boundaries. This is more actionable than a classification audit alone.
Key takeaways
- Most enterprise data loss is still driven by human behaviour, but AI agents are now expanding the set of identities that can move sensitive data.
- The report’s strongest signal is concentration, because a very small portion of users accounts for most loss events and should receive disproportionate control attention.
- Practitioners need unified visibility across email, SaaS, and AI workflows if they want to govern data movement rather than just classify data.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
NIST CSF 2.0, NIST SP 800-53 Rev 5, CIS Controls v8 and NIST AI RMF set the technical controls, while GDPR define the regulatory obligations.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | PR.AC-4 | Access scope and least privilege are central to the report's data loss patterns. |
| NIST SP 800-53 Rev 5 | AC-6 | Least privilege directly addresses over-broad user and agent access to sensitive data. |
| CIS Controls v8 | CIS-5 , Account Management | Account and identity oversight is needed where users or agents drive data loss events. |
| NIST AI RMF | GOVERN | AI agents touching data require clear accountability and oversight under the AI RMF. |
| GDPR | Art.32 | The report touches personal and sensitive data exposure, making security of processing relevant. |
Use Art.32 to validate that data handling controls protect confidentiality, integrity, and resilience.
Key terms
- High-Risk User Concentration: A pattern where a small number of users, roles, or workflows account for a disproportionate share of data loss or exposure. It shifts security focus from broad population controls to the identities and processes that create the largest practical blast radius.
- Agentic Workspace: A working environment where humans and AI agents both access and manipulate enterprise data through connected tools and systems. The security challenge is to govern agent behaviour as well as human access, because both can move sensitive information across trusted workflows.
- Behaviour-Aware Security: A control approach that evaluates how data is actually used, not just whether access is technically allowed. It combines identity context, activity patterns, and anomaly detection to identify risky behaviour before it becomes data loss.
- Unified Data Security: A security model that brings telemetry, policy, and investigation across multiple data channels into a common control view. Its value is operational, because fragmented tools make it hard to trace sensitive data movement and respond consistently to incidents.
What's in the full report
Proofpoint's full report covers the operational detail this post intentionally leaves for the source:
- Survey breakdowns across more than 15 industries, useful for comparing data loss patterns by sector.
- The platform intelligence that supports the report’s findings on user behaviour, misdirected email, and exfiltration attempts.
- Benchmarks on how many data security vendors organisations are using today and why that matters for visibility.
- The report's AI security section, including how organisations are using AI-enhanced features for classification, detection, and response.
Deepen your knowledge
The NHI Foundation Level course, the industry's only accredited NHI security programme, covers NHI governance, machine identity security, and secrets management. It gives security practitioners a practical way to connect identity controls to the broader governance challenges that data-heavy environments create.
Published by the NHIMG editorial team on July 14, 2026.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org