TL;DR: 60% of enterprises lack visibility into at least half of their data estate, leaving cyber resilience, recovery, and AI security decisions built on incomplete discovery and classification, according to Cyera research. The governance gap is now operational, because you cannot protect or recover what you cannot consistently find.
NHIMG editorial — based on content published by Cyera: A Future-Ready Approach to Securing Data for Cyber Resilience with Cyera and Cohesity
By the numbers:
- 72% of organisations have experienced or suspect they have experienced a breach of non-human identities, 46% confirmed and 26% suspected.
- Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security.
Questions worth separating out
Q: How should security teams improve cyber resilience when data visibility is incomplete?
A: Start by measuring how much of the estate is actually classified and owned, then link that inventory to access, backup, and recovery decisions.
Q: Why does poor data visibility create identity governance risk?
A: Because access governance depends on knowing what the identity can reach.
Q: What do teams get wrong about cyber resilience and backups?
A: They often assume that successful backup operations mean the environment is resilient.
Practitioner guidance
- Measure discovery coverage by sensitivity tier: Track the percentage of sensitive repositories, cloud buckets, SaaS stores, and backup locations that are classified and owned.
- Tie recovery order to business sensitivity: Align backup and restore runbooks to the datasets that classification marks as regulated, confidential, or operationally critical.
- Map identities to sensitive-data paths: Identify which human users, service accounts, and AI-connected identities can read, copy, transform, or export sensitive data.
What's in the full report
Cyera's full report covers the operational detail this post intentionally leaves for the source:
- Enterprise Strategy Group context on how visibility gaps affect cyber resilience planning and recovery priorities.
- How Cyera and Cohesity position discovery, classification, protection, and recovery as a single operating model.
- Practical detail on aligning data security and data recovery for AI adoption use cases.
- The report's analyst framing on why actionable data intelligence matters for secure innovation.
Data visibility gaps and AI adoption: what IAM teams need to know?
Explore further
Data visibility is now an identity control problem, not just a storage problem. When 60% of enterprises cannot see at least half of their data estate, entitlement decisions are being made against an incomplete asset map. That weakens every downstream governance process, from access review to recovery prioritisation. The implication is that IAM and data security teams must treat discovery coverage as part of the control baseline, not as a separate project.
A few things that frame the scale:
- 72% of organisations have experienced or suspect they have experienced a breach of non-human identities, 46% confirmed and 26% suspected, according to the 2024 ESG Report: Managing Non-Human Identities.
- Enterprises that have experienced a compromised NHI averaged 2.7 separate incidents in the past 12 months, a pattern that shows how access sprawl compounds operational risk.
A question worth separating out:
Q: How can organisations govern sensitive data used in AI workflows?
A: They should trace where the data enters the workflow, which identities can transform it, and where it can reappear in prompts, outputs, or analytics. If those paths are not mapped, AI governance becomes reactive. The safer approach is to treat each workflow as an access boundary that must be explicitly understood before deployment.