Immuta, a data security leader, has announced the findings of its fourth annual State of Data Security Report, which highlights the current state of data security amid organisations’ rapid adoption of AI and Generative AI tools. The report, commissioned by Immuta and conducted by customer voice platform, UserEvidence, surveyed 700 data platform and security practitioners at global cloud-based enterprise companies across the UK, US, Canada and Australia.
The findings indicate that adoption and use of AI tools is high across organisations, however, many are concerned about the impacts AI will have on their larger data security strategy. Only half of the respondents say their organisation’s data security strategy is keeping up with AI’s rate of evolution. What’s more, despite AI’s recent boom, implementing stronger data governance and security controls will be a higher priority for data teams in 2024. When asked what significant initiatives their company is taking on in the next 12 months, 80% of respondents said their top priorities were data security related initiatives – such as implementing stronger data governance and security controls and modernising data architectures with new concepts like data mesh – while only 20% noted integrating AI into business processes will be a top priority.
Other key findings from the report include:
AI sparks excitement and security risks for data professionals
The rapid evolution of AI and Machine Learning (ML) has spurred both excitement and concern across organisations. According to the report, employees are already leveraging these tools to increase productivity and streamline processes within their roles. Nearly nine-out-of-10 (88%) data professionals note their employees are using AI and many data professionals are confident AI will help them become better at things like anomaly detection (44%) and phishing attack identification (46%).
At the same time, many are concerned about the broader security impacts AI will have on their organisation. More than half of respondents (56%) cite the exposure of sensitive data via an AI prompt as their greatest area of concern. This trepidation reinforces the need for AI-specific security strategies and policies so organisations can confidently and securely utilise the technologies and also launch AI models at scale.
Data governance and compliance are top priorities
Although AI is top of mind for data professionals across every sector, trust, security and compliance are still leading organisational priorities. Nearly all (88%) data leaders believe data security will become an even higher priority in the next 12 months, ahead of AI. With 80% of data professionals indicating that their data protection capabilities are better than they were a year ago, it’s likely budgets and resources will increase as data security continues to be a growing priority for business leaders amid today’s evolving threat landscape.
Collaboration: A vital element of data security
According to the report, there is no clear owner of data security across organisations. Respondents indicated that the job title most commonly accountable for data security is Data Privacy or Security Manager (19%), or CTO (15%). However, numerous other roles were also noted as being responsible for data security. This lack of ownership creates challenges around managing security collaboratively, which leads to teams operating in silos and insecure deployments.
Data access is still a major security challenge
Data access remains a major security obstacle for teams: 33% of respondents cited a lack of visibility into data sharing and usage as their biggest security challenge and that they have missed business opportunities as a result.
Similarly, 56% note that data security processes slow down access to data, meaning that over half of organisations are sacrificing some level of data-driven value for essential security outcomes – trading agility for trust and compliance.