A new study by Proofpoint shows that data protection is being tested from several directions at once. The findings highlight how fast data volumes are rising, how AI tools are introducing fresh exposure, and how human habits remain at the core of many breaches. Together, these trends have made the task of securing information far harder than before.
The 2025 Data Security Landscape study gathered views from a thousand security professionals across ten countries. It found that 85 percent of organizations faced at least one data loss event in the past year. Many experienced repeated incidents, showing that leaks have become routine rather than exceptional. Human behavior continues to play the biggest part in these losses. Fifty-eight percent of cases were linked to careless employees or outside contractors, while forty-two percent involved compromised accounts. Only one percent of users caused three-quarters of all data loss incidents, confirming how a small group of risky users can have a large effect.
Proofpoint’s internal data supports this pattern. Its systems record that even in firms with strong policies, a handful of people are often responsible for repeated leaks. The company says the most common cause is simple error, such as sharing files to the wrong channel or emailing information to unintended contacts. In many cases, these mistakes go unnoticed until damage has already been done.
The amount of information under management is adding to the pressure. Among large enterprises with more than ten thousand staff, forty-one percent now store over a petabyte of data. Nearly a third saw their total data increase by thirty percent or more within a year. For smaller firms, cloud use is expanding at a similar pace. The study found that forty-six percent of organizations view data spread across cloud and hybrid platforms as their main problem. Almost a third said outdated or duplicated data creates risk by increasing the number of files that need to be monitored. Proofpoint’s analysis of major cloud systems revealed that about twenty-seven percent of stored material is abandoned and no longer used.
Artificial intelligence is introducing a second layer of risk. Many companies have deployed generative tools and automated agents without enough oversight. Two out of five respondents listed data leaks through AI tools among their top concerns. Forty-four percent admitted they lack full visibility of what these systems can access. Roughly a third said they were worried about automated agents that operate with high-level permissions and can move information without supervision. These views were strongest in Germany and Brazil, where half of surveyed organizations ranked AI data loss as their top security issue. In the United Arab Emirates, forty-six percent said the use of confidential data for model training was their main fear.
The problem is worsened by security operations that are already stretched. Sixty-four percent of organizations rely on at least six different security vendors. This creates overlaps and makes investigations slower. One in five teams reported that resolving a data loss incident can take up to four weeks. Around a third said they do not have enough skilled staff to manage their systems and often depend on partial or temporary support.
Even with these constraints, many companies are beginning to reorganize their security setups. About sixty-five percent are now using AI-based tools to classify data, while nearly six in ten apply automated systems to flag unusual user activity. Half of all respondents believe that a unified data protection platform would help them manage information more safely and allow responsible use of AI.
Proofpoint concludes that organizations can no longer rely on scattered systems or manual monitoring. The combination of growing data stores, increased AI access, and the human element has turned data protection into a continuous process rather than a response to single events. The report suggests that firms will need clearer oversight, simpler toolsets, and stronger control of both human and automated actions to prevent small errors from becoming wide exposures.
Notes: This post was edited/created using GenAI tools.
Read next:
• Why Your Doctor Seems Rushed: The Hidden Strain of Modern Healthcare
• China’s AI Growth Challenges U.S. Supremacy, Nvidia Executive Says
The 2025 Data Security Landscape study gathered views from a thousand security professionals across ten countries. It found that 85 percent of organizations faced at least one data loss event in the past year. Many experienced repeated incidents, showing that leaks have become routine rather than exceptional. Human behavior continues to play the biggest part in these losses. Fifty-eight percent of cases were linked to careless employees or outside contractors, while forty-two percent involved compromised accounts. Only one percent of users caused three-quarters of all data loss incidents, confirming how a small group of risky users can have a large effect.
Proofpoint’s internal data supports this pattern. Its systems record that even in firms with strong policies, a handful of people are often responsible for repeated leaks. The company says the most common cause is simple error, such as sharing files to the wrong channel or emailing information to unintended contacts. In many cases, these mistakes go unnoticed until damage has already been done.
The amount of information under management is adding to the pressure. Among large enterprises with more than ten thousand staff, forty-one percent now store over a petabyte of data. Nearly a third saw their total data increase by thirty percent or more within a year. For smaller firms, cloud use is expanding at a similar pace. The study found that forty-six percent of organizations view data spread across cloud and hybrid platforms as their main problem. Almost a third said outdated or duplicated data creates risk by increasing the number of files that need to be monitored. Proofpoint’s analysis of major cloud systems revealed that about twenty-seven percent of stored material is abandoned and no longer used.
Artificial intelligence is introducing a second layer of risk. Many companies have deployed generative tools and automated agents without enough oversight. Two out of five respondents listed data leaks through AI tools among their top concerns. Forty-four percent admitted they lack full visibility of what these systems can access. Roughly a third said they were worried about automated agents that operate with high-level permissions and can move information without supervision. These views were strongest in Germany and Brazil, where half of surveyed organizations ranked AI data loss as their top security issue. In the United Arab Emirates, forty-six percent said the use of confidential data for model training was their main fear.
The problem is worsened by security operations that are already stretched. Sixty-four percent of organizations rely on at least six different security vendors. This creates overlaps and makes investigations slower. One in five teams reported that resolving a data loss incident can take up to four weeks. Around a third said they do not have enough skilled staff to manage their systems and often depend on partial or temporary support.
Even with these constraints, many companies are beginning to reorganize their security setups. About sixty-five percent are now using AI-based tools to classify data, while nearly six in ten apply automated systems to flag unusual user activity. Half of all respondents believe that a unified data protection platform would help them manage information more safely and allow responsible use of AI.
Proofpoint concludes that organizations can no longer rely on scattered systems or manual monitoring. The combination of growing data stores, increased AI access, and the human element has turned data protection into a continuous process rather than a response to single events. The report suggests that firms will need clearer oversight, simpler toolsets, and stronger control of both human and automated actions to prevent small errors from becoming wide exposures.
Notes: This post was edited/created using GenAI tools.
Read next:
• Why Your Doctor Seems Rushed: The Hidden Strain of Modern Healthcare
• China’s AI Growth Challenges U.S. Supremacy, Nvidia Executive Says
