Skip to content
Menu
Menu

AI Becomes the Top Driver of Enterprise Data Security Decisions

Organizations now rank protecting AI systems and the data they use ahead of preventing traditional data leaks when choosing data security tools.

Key Takeaways

  • 64.4% of respondents said protecting the data used by AI systems is their top reason for evaluating data security tools, surpassing the prevention of the unauthorized removal of sensitive data (56%).
  • Better visibility into the data used by AI systems ranked as the most important capability in a data security posture management (DSPM) platform at 57.8%.
  • Respondents identified moving data to train AI systems as the leading reason sensitive information ends up in unauthorized locations (40.9%).
  • 76.4% of respondents expressed concern about prompt injection attacks targeting AI systems.

Enterprise security priorities are shifting as organizations expand their use of AI, according to the report Leveraging DSPM and Artificial Intelligence to Solve Data Security Challenges from Enterprise Management Associates (EMA). The research found that organizations now prioritize protecting AI systems over preventing traditional data leaks when choosing data security tools.

The report surveyed 225 IT professionals, security practitioners, data governance leaders, and technology executives across North American enterprises about their approaches to protecting sensitive data in AI-enabled environments. Much of the research focuses on DSPM: software that helps organizations discover, classify, and protect sensitive data across cloud and on-premises environments.

AI becomes the top security priority

The survey found that 64.4% of respondents ranked protecting the data used by AI systems, including prompts and training data, as their top priority when evaluating data security tools. That surpassed preventing traditional data leaks at 56%. According to EMA, it is the first time an AI-related priority has become the leading reason organizations evaluate such security tools.

The shift reflects the capabilities organizations value most. Better visibility into the data used by AI systems and the responses they generate ranked first at 57.8%. It finished ahead of more traditional capabilities such as automatically identifying sensitive data, tracking where data moves, and discovering where sensitive data is stored.

AI training creates new data security risks

The report found that AI is also changing how sensitive data moves through organizations. 40.9% of respondents identified moving data to train AI systems as the leading reason sensitive information ends up in unauthorized locations. That exceeded developer testing environments (25.8%) and backup or replication errors (16%).

AI threats continue to grow

Security leaders also reported growing concern about threats targeting AI systems. More than three-quarters of respondents expressed concern about prompt injection attacks targeting AI systems. In addition, 57.8% said emerging AI regulations are driving stronger AI governance efforts, placing them ahead of established compliance frameworks such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act.

Governance still trails AI adoption

While organizations are investing in security features designed for AI systems, governance has not advanced at the same pace. Only 37.3% of respondents said their organizations have a fully implemented AI governance framework, while 56.4% reported their frameworks are only partially implemented. Several other surveys fielded in 2026 report similar findings relating to this “governance gap.”

Clayton Rifkind

Clayton Rifkind is the Founder and Senior Editor of AI Risk Today. He also advises on content development for esgtoday.com, a leading source of ESG investment news and research for institutional investors and corporate leaders. He has 20+ years experience in B2B technology marketing, leading strategy and execution of go-to-market plans across software, enterprise platforms, and mobile applications. He also founded two marketing consultancies, advising startups and Fortune 1000 companies, including Autodesk, Intel, and Microsoft. Clayton began his career in the San Francisco advertising scene, working with brands such as Hewlett-Packard, Intel, Microsoft, Symantec, and Wells Fargo.

Essential AI Risk Intelligence

Daily insights on AI governance, regulation, and enterprise risk management. Trusted by Chief Risk Officers and compliance leaders globally.

By subscribing, you agree to receive our daily newsletter. Unsubscribe anytime.

Advertise with AI RIsk Today, Today!