TL;DR: GenAI adoption is accelerating faster than governance, with 4% of prompts and over 20% of file uploads containing sensitive corporate data, 56% of prompt-injection tests bypassing safeguards, and 75% of companies reporting AI policies while fewer than 60% have trained governance staff, according to Knostic. The evidence shows that policy alone does not enforce identity, data, or incident controls.
NHIMG editorial — based on content published by Knostic: Fast Facts on GenAI Security Statistics
By the numbers:
- 4% of prompts and over 20% of files uploaded to GenAI tools contain sensitive corporate data.
Questions worth separating out
Q: How should organisations control sensitive data in GenAI tools?
A: Organisations should treat prompts, uploads, and model outputs as governed data flows, then apply classification, inspection, and logging at the point of use.
Q: Why do prompt injection attacks remain hard to stop?
A: Prompt injection is hard to stop because the model may not reliably distinguish trusted instructions from malicious content once both are present in the same context.
Q: What do security teams get wrong about AI governance policies?
A: The common mistake is assuming that a written policy equals enforcement.
Practitioner guidance
- Classify GenAI prompt and upload paths as governed data flows Map which prompts, files, and outputs may contain sensitive corporate data, then apply approval, inspection, and logging controls at the point of interaction.
- Test prompt-injection resilience with adversarial scenarios Run structured tests against the models and AI workflows you actually use, including retrieval, summarisation, and tool invocation.
- Assign accountable AI governance owners Name the security, legal, compliance, and operations roles that own policy enforcement, exception handling, and incident response for GenAI use.
What's in the full report
Knostic's full article covers the source studies and implementation details this post intentionally leaves for the original:
- The underlying research methodology behind each statistic, including how the sources defined prompts, uploads, and incidents
- The specific control recommendations Knostic ties to AI-specific DLP, prompt sanitization, and governance staffing
- The report’s discussion of AI policy enforcement gaps and how teams can operationalise response readiness
- The vendor’s examples of AI security use cases across Copilot, search, and other enterprise GenAI workflows
👉 Read Knostic’s full statistics roundup on GenAI security risk and governance gaps →
GenAI security statistics: what are IAM and AI teams missing?
Explore further
AI governance is becoming an identity governance problem because data access now happens through conversational systems. When employees can move sensitive data into GenAI tools, the security question is no longer limited to login and entitlement management. It becomes a question of who is allowed to reveal, retrieve, or transform information through an AI interface, and how that behaviour is measured and contained. Practitioners should treat GenAI access paths as governed identity surfaces, not as informal productivity tools.
A few things that frame the scale:
- 33% of organisations report their AI agents have accessed inappropriate or sensitive data beyond their intended scope, according to the AI Agents: The New Attack Surface report.
- 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.
A question worth separating out:
Q: How can teams measure whether GenAI controls are actually working?
A: Teams should measure exposure rates, blocked transactions, test failures, and incident response readiness, then compare those signals over time. If sensitive data still appears in prompts or uploads, or if adversarial tests bypass safeguards, the control design is not yet effective. The metric must reflect runtime behaviour, not policy presence.
👉 Read our full editorial: GenAI security statistics show governance is lagging adoption