The fourth annual State of Data Security Report by Immuta highlights the current state of data security amid organisations’ rapid adoption of artificial intelligence (AI) and generative AI tools. The report found that most executives (88%) say that their employees are using AI, but 50% say their organisation struggles to keep pace with its evolution.
The 2024 State of Data Security Report, commissioned by Immuta and conducted by UserEvidence, surveyed 700 data platform and security practitioners at global cloud-based enterprise companies across the UK, U.S., Canada and Australia.
The findings indicate that adoption and use of AI tools is high across organisations, however many are concerned about the impacts AI will have on their larger data security strategy. Only half of the respondents say their organisation’s data security strategy is keeping up with AI’s rate of evolution. What’s more, despite AI’s recent boom, implementing stronger data governance and security controls will be a higher priority for data teams in 2024. When asked what significant initiatives their company is taking on in the next 12 months, 80% of respondents said their top priorities were data security related initiatives – such as implementing stronger data governance and security controls and modernising data architectures with new concepts like data mesh – while only 20% noted integrating AI into business processes will be a top priority.
“With the rapid onset of AI solutions and ongoing push to migrate data to the cloud, data leaders are now grappling with how to prioritize data security, agility, and visibility. They need solutions that provide both proper data protection and the flexibility to use data to drive value,” said Matt Carroll, CEO of Immuta. “Without the foundation of a strong data architecture and data security strategy in place, it will be impossible for organisations to safely integrate AI into their processes. Business leaders must design AI-specific security strategies that include the right protocols and policies to protect data.”
Other key findings from the report include:
The rapid evolution of AI and machine learning (ML) has spurred both excitement and concern across organisations. According to the report, employees are already leveraging these tools to increase productivity and streamline processes within their roles. Nearly nine out of 10 (88%) of data professionals note their employees are using AI, and many data professionals are confident AI will help them become better at things like anomaly detection (44%) and phishing attack identification (46%).
At the same time, many are concerned about the broader security impacts AI will have on their organisation. More than half of respondents (56%) cite the exposure of sensitive data via an AI prompt as their greatest area of concern. This trepidation reinforces the need for AI-specific security strategies and policies so organisations can confidently and securely utilise the technologies and also launch AI models at scale.
Although AI is top of mind for data professionals across every sector, trust, security, and compliance are still leading organisational priorities. Nearly all (88%) data leaders believe that data security will become an even higher priority in the next 12 months, ahead of AI. With 80% of data professionals indicating that their data protection capabilities are better than they were a year ago, it’s likely budgets and resources will increase as data security continues to be a growing priority for business leaders amid today’s evolving threat landscape.
As organisations grow, their structures become more intricate and they manage more data – both of which make data security increasingly challenging and critical. This also creates more complexity around data ownership. According to the report, there is no clear owner of data security across organisations. Respondents indicated that the job title most commonly accountable for data security is Data Privacy or Security Manager (19%), or Chief Technology Officer (15%). However, numerous other roles were also noted as being responsible for data security. This lack of ownership creates challenges around managing security collaboratively, which leads to teams operating in silos and insecure deployments.
Similar to findings from last year’s report – which found that 63% of data professionals lacked visibility into data access controls – data access remains a major security obstacle for teams: 33% of respondents cited a lack of visibility into data sharing and usage as their biggest security challenge, and that they have missed business opportunities as a result.
At the same time, 56% note that data security processes slow down access to data, meaning that over half of organisations are sacrificing some level of data-driven value for essential security outcomes – trading agility for trust and compliance.
To read the full 2024 State of Data Security Report, click here.
