TL;DR: AI adoption is broadening faster than security readiness, with 49% of firms using tools like ChatGPT across departments and 77% of organisations reporting they are unprepared to defend against AI threats, according to Lakera and cited industry research. The security problem is no longer awareness, but governance that can keep pace with how AI is actually being used.
NHIMG editorial — based on content published by Lakera: AI Security Trends 2025: Market Overview & Statistics
By the numbers:
- 49% of firms use tools like ChatGPT across departments, from IT and marketing to finance and customer service.
- 77% of organizations find themselves unprepared to defend against AI threats.
- 90% of organizations are actively implementing or planning to explore large language model use cases.
Questions worth separating out
Q: How should security teams govern AI tools that are spreading across departments?
A: Security teams should govern AI tools the same way they govern other access-bearing systems: by defining owners, approved data classes, identity bindings, and audit points.
Q: Why do AI tools create new identity and access risks?
A: AI tools create identity risk because they often sit between users and sensitive systems, which lets them inherit permissions, reuse credentials, and process data at scale.
Q: How do organisations know whether AI security controls are actually working?
A: They know controls are working when every AI system has a documented owner, approved data scope, monitored access path, and a revocation process that can be tested.
Practitioner guidance
- Inventory all AI-enabled tools and integrations: Build a register of sanctioned and unsanctioned AI systems, including department-owned copilots, embedded assistants, and third-party plugins.
- Bind AI access to identity lifecycle ownership: Assign a named owner for every AI-facing credential, service account, or integration token so renewals, revocation, and access reviews do not drift into ambiguity.
- Constrain data inputs before expanding AI usage: Define which data classes can enter AI tools and block sensitive content by default until the organisation can prove logging, retention, and policy enforcement are working.
What's in the full article
Lakera's full article covers the market data and implementation examples this post intentionally leaves for the source:
- Survey details on how organisations are using GenAI across departments and what that means for AI policy design
- The article's comparative statistics on confidence, regulation, and adoption that help frame board-level discussions
- Examples of security concerns, including AI-powered attacks, data exposure, and model misuse, that are useful for programme prioritisation
- The vendor's own practical guidance on how readers can think about securing GenAI workflows and user-facing AI output
AI security trends 2025: where are governance gaps widening?
Explore further
AI security has become an identity governance problem before it becomes a model-security problem. The article’s data points show broad adoption and weak confidence, which means the control gap is structural rather than isolated. When AI is embedded in business workflows, the relevant questions become who can access what, which secrets the system can touch, and how those privileges are governed. Practitioners should stop treating AI as a separate security island and manage it through identity, data, and lifecycle controls.
A few things that frame the scale:
- 49% of firms use tools like ChatGPT across departments, from IT and marketing to finance and customer service, according to The State of Secrets in AppSec.
- Organisations maintain an average of 6 distinct secrets manager instances, creating fragmentation that undermines centralised control, according to The State of Secrets in AppSec.
A question worth separating out:
Q: What should teams do when AI use is already happening before policy is ready?
A: Teams should first identify the highest-risk AI use cases, especially those touching sensitive data or production systems, and then apply immediate restrictions to access, retention, and credential reuse. In parallel, they should build a lifecycle model for approval, review, and offboarding. Waiting for a perfect policy creates more exposure than controlled interruption.