Enterprise GenAI Security Report 2025
Real-life data on how enterprise users consume GenAI tools, who uses them, and where the security blind spots of shadow AI are.
The only report that analyzes GenAI threats at the user's point of risk: in the browser.

Introduction
AI has taken the world by storm. Or has it? Once you move past the big, bombastic headlines and the marketing spin, there is surprisingly little hard data on how AI is actually used, especially by enterprise users. This research is meant to fill that gap. It provides tangible statistics on how enterprise users consume AI in the workplace, based on real-life data and telemetry collected from LayerX Security's customer base.

What's In This Report
This report covers several areas relevant to GenAI and AI application usage, including:
- How GenAI is used in organizations
- Who uses GenAI and AI SaaS applications in the organization
- How employees connect to and access GenAI tools
- How corporate data is shared with LLMs
- The security risks posed by GenAI browser extensions
All the findings are based on telemetry collected from LayerX's unique data set.

What Makes LayerX's Data Unique
There is no shortage of reports and surveys in the market, but what makes LayerX's data unique is where we collect our data and who we collect it from. The LayerX Security solution is deployed directly within users' web browsers, so LayerX has full visibility into all user activity and data that passes through the browser. This gives comprehensive insight into the usage of GenAI tools and AI-enabled SaaS applications. Moreover, LayerX's customer base is comprised almost entirely of medium and large enterprises, meaning that the insights we collect are specific to enterprises and enterprise users.

Executive Summary
How can you protect against what you don't know about?

A CISO's Framework for Securing GenAI Tools
Based on these findings, we suggest CISOs and security managers implement a number of high-level recommendations to cover their bases:
- Audit all GenAI activity: Since so much of employees' AI activity is hidden, it is crucial for the organization to audit all AI activity at the endpoint level, to make sure it has visibility into all of it.
- Proactively educate employees: Since AI is a new technology, many users are still oblivious to its associated data risks. This is why it is critical to proactively educate users and alert them to potential AI risks as they are taking place.
- Apply risk-based restrictions: While some organizations try to outright ban all AI usage, this is not a long-term solution in a world that is becoming increasingly AI-driven. This is why it is critical to apply security restrictions that are adaptive and contextual, to enable employees to use AI securely without sacrificing productivity.

#1 Hidden Access to GenAI Tools
Nearly 90% of logins to AI SaaS applications are done with either personal accounts or corporate accounts not backed by SSO. Such logins don't go through organizational identity and access management systems, leaving organizations blind to their existence. Moreover,
any connection to AI tools via a personal account is not subject to the organizational privacy and data controls offered by the LLM tool.

#2 The Long Tail of Shadow AI
The top AI tools dominate over 90% of AI application usage, but once you move past the handful of best-known AI tools, there is a long tail of little-known and invisible shadow AI tools that fly under the radar. Most organizations do not have visibility into which tools are used in their organization, by whom, or where they need to place controls.

#3 AI Browser Extensions Are a Side Door for Data Leakage
While many organizations already deploy (or are at least considering) dedicated AI security solutions, AI-enabled browser extensions often represent an overlooked side door through which data can leak to GenAI tools without going through inspected web channels, and without the organization being aware of the data transfer.

Key Findings
1. Despite organizational security policies, organizations have no visibility into 89% of AI usage in the organization. Over 70% of connections to GenAI tools such as ChatGPT are made with users' personal accounts, even on enterprise devices. Even among logins using corporate accounts, 58% are made without SSO. This means that nearly 90% of logins to GenAI tools are invisible to organizational identity and access control systems, and security and IT teams have no idea who is using GenAI tools and what data is being exposed inside GenAI conversations.
2. Most GenAI users are casual and may not be fully aware of the risks of GenAI data exposure. Only about 15% of enterprise employees use GenAI tools on a weekly basis; a small percentage of users use them extensively, but most are casual users. While some readers might see this statistic as an indication that there is no problem, we see it as a gaping hole through which users may inadvertently leak data. Precisely because most users use these tools casually, organizations need to ensure that their users are educated and aware of the risks.
3. Browser extensions are the hidden threat of GenAI data leakage. About 20% of users have a GenAI browser extension installed on their computer. Such extensions can bypass AI access filters on network solutions such as Secure Web Gateways (SWGs), exposing organizational data to remote LLMs without the organization knowing or being able to track it.
4. Over 90% of AI usage is concentrated in large, well-known apps, but there is a long tail of shadow AI applications. ChatGPT alone accounts for over 50% of enterprise usage, and the top 5 AI SaaS apps for over 85% of AI usage. However, outside of the handful of well-known apps there is a long tail of lesser-used AI tools that fly under the radar. As a result, security managers don't know which other AI apps are used, and where to put controls.
5. A small number of users expose large volumes of data. While text input is the standard form of interaction with GenAI tools, copy/paste and file upload are the channels through which data can leak at scale. Approximately 18% of users
paste data to GenAI tools, and about 50% of that is company information.

GenAI Usage Is Widespread, But Still Mostly Casual

The Finding
We began our analysis by looking at the top generative AI tools such as ChatGPT, Gemini, Copilot and others. The data shows that approximately 14.5%, or about one out of seven users, use these GenAI tools on a weekly basis.

Looking at the most-used GenAI tools, OpenAI's ChatGPT is the undisputed champion with 77% of activity, far ahead of Google's Gemini at 11%. After that, there is a minor surprise, with Anthropic's Claude coming in ahead of Microsoft Copilot, at 5% and 4% respectively. Other LLMs make up the rest, with about 3% combined.

With regard to usage patterns, the data shows a wide disparity between heavy and casual users. Whereas the top 5% of heaviest GenAI users access GenAI tools, on average, more than 4 times a day, the bottom 50% of users access them only 1-2 times a month. This indicates that while GenAI has made large inroads within a short time, most users are still casual, occasional users, and AI usage is not (yet?) part of their day-to-day work.

Software developers are the largest constituency of active users. Among enterprise users, 39% of those who use GenAI tools belong to R&D and 28% belong to Sales and Marketing. IT, HR and Finance users make up single digits only. This finding is consistent with market trends in AI uses (and available tools) for software development and marketing.

Key figures: 14.5% of enterprise users access GenAI tools on a weekly basis; 77% of user access to online LLM tools is to ChatGPT; 39% of enterprise users who use GenAI tools regularly are software developers.

Analysis
The findings indicate that while GenAI usage is widespread, it is not (yet) ubiquitous in organizations. Nonetheless, considering the short period since ChatGPT first came into our lives in late 2022, these are significant inroads that are only expected to increase in the coming years.

Evidence of the disparity between casual and heavy users can be seen in the usage patterns: the bottom 50% of users (and in all likelihood many more than that) used GenAI tools only occasionally, whereas the top 5% of heavy users used them all the time. We expect this tip of heavy users to grow with time, but for now it shows the chasm that most users have not yet crossed.

There was little surprise in the distribution of the top GenAI users among software developers, marketers and salespeople, as those are the organizational users who probably benefit the most from the generative aspects of GenAI. However, as uses of GenAI expand, we expect those results to even out.

Finally, it was no surprise that ChatGPT was the leader in terms of usage, but we were surprised by the extent of the lead, particularly over established enterprise players such as Google and Microsoft. Whether it is first-mover advantage, brand recognition, or better technology, OpenAI has created a lead that will be difficult to erase in the foreseeable future. Of course, these findings may (and will) vary among organizations, depending on the makeup of their workforce and specific line of work. However, they highlight the need for organizations to track usage of GenAI among their employees to fully understand who is using it, which tools they are using, and to what end.

[Figure: Top GenAI tools by user connections; Enterprise GenAI users by department]

The Long Tail of AI SaaS Applications

Key figures: 51.7% of all AI application access is to ChatGPT alone; 86% of all AI application access is to the top 5 AI apps; 1% of AI application access is to the bottom 50 apps.

The Finding
Next, we expanded our analysis to look not just at GenAI tools and LLMs, but also at AI-enabled SaaS applications that are classified as AI applications. ChatGPT is far and away the most commonly used AI application: among AI tool users, ChatGPT was accessed, on average, more than once per day.

[Figure: Most commonly used AI applications, by access tier]
- Tier 1 (accessed multiple times per day): ChatGPT
- Tier 2 (accessed between once per day and once per week): Gemini, Copilot, Canva, D, Claude, HuggingFace
- Tier 3 (accessed, on average, once per week): P, FreshChat, Otter.ai, Perplexity

The next tier includes the other top GenAI tools, including Gemini, Claude and Copilot, which were accessed, on average, between once a day and once a week. Other AI applications in this tier include D, Canva, and the AI application marketplace HuggingFace. The tier after that includes other well-known AI tools such as P, Otter.ai, FreshChat and Perplexity. These tools were accessed, on average, once per week.

Of the top 100 most popular AI applications, ChatGPT accounted for 51.7% of all AI website requests. The top 5 applications accounted for over 86% of AI usage, but the bottom 50 accounted for less than 1% of requests. These findings are an indication both of the immense popularity of ChatGPT and of the long tail of AI applications, which extends well beyond the top four or five AI tools that are top-of-mind for most consumers.

[Figure: Most commonly used AI applications: share of access requests across all AI applications]

Analysis
Everybody knows ChatGPT. And the next five or ten AI tools. But what happens
when you get outside of the top 10 AI tools? The findings show that there is an immense cliff between the handful of top tools that get the overwhelming majority of AI traffic and the rest of the pack. However, as more and more SaaS applications become AI-powered (and new ones pop up), this leads to a long tail of shadow AI applications that probably have few users each and fly under the radar of corporate IT and security teams. This means that for most organizations, apart from the few AI tools that jump to everybody's mind, there is little visibility or control over which AI tools are used in the organization, who is using them, and what data goes into them. From an organizational security point of view, security managers need to make sure they have visibility into these shadow AI applications and control over their usage.

[Figure: Top AI SaaS applications by user access]

Most Workplace AI Usage Is Invisible to Organizations

The Finding
The data shows that the overwhelming majority of connections to GenAI tools are carried out using non-corporate logins. 71.6% of requests to GenAI tools were made using personal accounts. Of the 28.4% of logins made using corporate accounts, 58.7% (16.6% of total logins) were not backed by Single Sign-On (SSO). This means that only 11.7% of all logins to GenAI applications adhered to the gold standard of a corporate account backed by SSO. The mirror image of that finding is that nearly 90% of web-based GenAI usage (the 71.6% of personal-account logins plus the 16.6% of corporate logins without SSO) is invisible to the organization.

Key figures: 71.6% of access to GenAI tools is done using non-corporate accounts; 58.7% of access to GenAI tools using corporate accounts is done without SSO; 11.7% of all AI application access is done using corporate accounts backed by SSO.

Analysis
Organizations use Single Sign-On (SSO) so that corporate SaaS logins pass through the organizational IdP, giving the organization visibility into where these corporate logins are used and providing a measure of control (at least to the extent that it can block access to unwanted websites or SaaS applications). However, the findings show that connections to GenAI tools by employees on organizational devices are overwhelmingly made using non-corporate (i.e., personal) accounts. When users connect to GenAI tools via their personal (and typically free) accounts, they are not subject to the data controls applied to corporate accounts, such as private tenants, opting out of LLM training, and so on. As a result, any company information shared on such public infrastructure should be treated as compromised. Moreover, even employees using corporate accounts usually do not use SSO. As a result, organizations have no idea these connections exist. This leaves organizations blind to shadow AI applications and to the unsanctioned sharing of corporate information on AI tools.

[Figure: Connections to GenAI tools by account type]

A Small Number of Users Share Large Amounts of Data

The Finding
The data shows that nearly 18% of users paste data to GenAI tools, but less than 1% upload files to GenAI tools. However, the data also indicates that users who submit
data to GenAI tools via paste and file upload do so relatively frequently: users who paste data to GenAI tools do so, on average, 6.8 times per day, and over 50% of those activities (3.8 events per day, on average) include data that could be classified as corporate information. Although a relatively small number of users upload files to GenAI tools, those who do so are also fairly active and upload an average of 3.7 files per day.

Key figures: 18% of enterprise users paste information to GenAI tools; 1% of enterprise users upload files to GenAI tools; 50% of paste activity to GenAI includes corporate data.

Analysis
Text input is the standard method of interaction with GenAI tools; virtually 100% of users input information into LLMs that way. However, that approach is typically limited in the amount of sensitive information it can expose, since there is usually a limit to how much (and for how long) a user is willing to type. The bigger data risk comes from copy/paste of information and file upload. Those are the methods by which large amounts of company information can be exposed to GenAI tools with a few keystrokes.

Approximately one in five enterprise users paste information to GenAI tools. While there is no information on where this information comes from, it makes sense that much of it is taken from other data sources and contains larger amounts of data (otherwise it would have been easier to type it manually). It is no surprise, therefore, that about 50% of pasted information could be classified as corporate information. Similarly, about 1% of users upload files to GenAI tools. While we did not review the contents of these files for this research, it makes sense that this was done for analysis of large quantities of data, which puts this information at risk if the activity is not properly monitored and controlled. Therefore, organizations should track user connections to GenAI tools and their activities within those tools, as well as monitor the data shared with online LLMs.

A GenAI Problem Is Also a Browser Extension Problem

The Finding
The research shows that 20.63% of all users have installed an AI-enabled browser extension. Of those who have such an extension installed, 45% have more than one. Of GenAI browser extensions, 58% have a permission scope classified as high or critical, compared to 66.6% of all extensions. Finally, 5.6% of AI extensions are classified as malicious and can be used to steal data.

Key figures: 20% of enterprise users have installed a GenAI-enabled browser extension; 58% of GenAI browser extensions have a High or Critical permission scope; 5.6% of GenAI browser extensions are classified as malicious.

Analysis
Browser extensions are the hidden AI threat most organizations don't know about. While most of the attention is understandably focused on web access to LLMs and GenAI tools, AI-enabled browser extensions present a side door through which data can leak out, even if the traditional web channels are blocked. Moreover, the research shows that most AI-enabled browser extensions are granted extensive permissions to sensitive browsing information such as cookies, browsing history, web page contents, user identities, and more. This is critical since over 5% of AI-enabled browser extensions are classified as malicious. The implication for organizations is that they need
to see browser extension security as a facet of GenAI security and apply security controls over them, just as they would for web access to GenAI sites.

[Figure: GenAI extensions by permission scope]

Recommendations

1. Map AI usage in the organization
All organizations use GenAI, and most users have used GenAI tools. However, not all GenAI usage is the same: some users use it more than others, and for different purposes. This means that mapping GenAI usage in the organization is a critical first step in understanding your company's risk profile and building an effective remediation plan.

2. Restrict personal accounts and enforce SSO
Most GenAI tools now offer corporate accounts with built-in security measures not found in personal accounts. While specific capabilities vary between providers, key features typically include a private organizational tenant not shared with other users of the service, not using data for LLM training, and more. However, these benefits depend on users using such business accounts instead of their personal GenAI accounts.

3. Prompt users
Security managers often need to strike a delicate balance between security and productivity. This is especially true for GenAI, which many employees use legitimately and effectively. One potent, actionable step to limit the risk of GenAI usage is to prompt users with a reminder message when they access GenAI tools. Such a warning message will not restrict users' activities, but it will remind them of organizational policy, risks, and responsible data usage.

4. Block sensitive information upload
While many organizations allow uploading information to GenAI for legitimate productivity uses, in some cases restricting the type of data or the manner of sharing with GenAI tools may be unavoidable. Restricting the manner in which data can be input into GenAI tools (for example, blocking the pasting of text or blocking file upload), or applying restrictions specifically to data that has been classified as sensitive, are effective ways to prevent GenAI data leakage without having to fully block AI tools.

5. Control GenAI browser extensions
Finally, one primary way users consume GenAI tools is via browser extensions. Such extensions are installed in the browser and automatically track and analyze user activity. While some AI extensions are from reputable publishers and have legitimate uses, for many such extensions users often don't know who is really standing behind them and what access they have. This is why restricting GenAI browser extensions is crucial in preventing the leakage of sensitive organizational data.

How LayerX Helps Prevent AI Data Leakage
LayerX is an all-in-one, agentless security platform that protects organizations against GenAI data leakage, detects and enforces controls over shadow AI apps, and enforces access controls over GenAI usage, with no impact on the user experience. LayerX natively integrates with any browser, turning it into a secure and manageable workspace.

Key LayerX capabilities that help prevent GenAI data leakage:
- Full discovery and visibility into which GenAI websites and SaaS applications are being used in the organization
- Which users are using each GenAI tool, and whether they are logging in to it using corporate or personal accounts
- Tracking what data is uploaded to GenAI tools and how it is input (e.g., text input, copy/paste, file upload, etc.)
- An easy-to-use policy wizard that enables security administrators to create finely tuned policies to control GenAI usage (for example, preventing developers from pasting code into GenAI prompts)
- Robust enforcement capabilities that don't just fully allow or completely block GenAI tools, but offer a range of enforcement options:
  - Monitor only
  - Warn user
  - Prevent, with an option for the user to bypass by submitting a justification
  - Prevent, with no option to overrule
- Automatic classification of AI browser extensions
- And more!

These capabilities allow security managers to map GenAI usage in the organization, educate users on security risks, enforce the use of corporate accounts in GenAI tools, prevent uploading sensitive data to GenAI applications, and block risky AI extensions. To see how we can help you prevent GenAI data leakage without sacrificing productivity, go to http:/ and book a demo today!
72、ese capabilities allow security managers to map GenAI usage in the organization,educate users on security risks,enforce usage only of corporate accounts in GenAI tools,prevent uploading sensitive data to GenAI applications,and block risky AI extensions.To see how we can help you prevent GenAI data leakage without sacrificing productivity,go to http:/ and book a demo today!