Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity NewswireCybersecurity News

Nearly Half of Organizations Lack "Full" Visibility Into Employee AI Usage

By Security Staff
Light blue and white lines across dark blue background
Luke Jones via Unsplash
July 1, 2026

A recent report by Bitdefender analyzed employee AI tool usage. While 51.8% of respondents report full visibility into sanctioned and unsanctioned AI usage, 47.4% acknowledge only partial or no visibility into individual Shadow AI tools or personal accounts used for work. The numbers tell a more troubling story at the leadership level: 57.8% of managers believe they have full visibility compared to only 45.9% of practitioners, and just 0.5% of managers report zero visibility versus 4.5% of practitioners, suggesting leaders may be significantly underestimating their organization's true exposure.

When asked which environments are of most concern, 45% of respondents identified internal AI systems and Large Language Models (LLMs) as their primary concern, followed closely by cloud infrastructure and application environments at 44%. Identity and access management (IAM) systems rounded out the top three at 33.3%. Notably, despite ranking AI systems as their top security concern, 20.4% of respondents rated employees leaking sensitive data into public LLMs as a low or extremely low risk, revealing a significant gap between perceived threat and actual exposure.

More than half (55.2%) of respondents who experienced a security incident or breach in the past 12 months stated they were told to keep it confidential despite believing it should have been reported to authorities. While slightly down from 57.6% in 2025, the figure remains dramatically higher than the 42% reported in 2023, pointing to a deeply entrenched culture of breach suppression globally. The U.S. led all regions at 68.6%, followed by Germany and U.K. both at 57.2%, and the pattern holds across organizational levels with managers (56.8%) and practitioners (53.5%) reporting similar pressure to stay silent.

Cloud infrastructure or application breaches topped the list of security incidents experienced in the past 12 months at 41.8%, followed by BEC resulting in financial or data loss at 35.9%, and ransomware at 25.6%. U.S. organizations stood out sharply, with 54.7% reporting BEC incidents, nearly 19 percentage points above the overall average. Adding to the picture, 59.2% of all respondents confirmed experiencing AI-driven social engineering attacks in the past 12 months, a strong signal that the use of AI in cybercrime has moved from industry hype to reality.

The top barriers to reducing the attack surface are high overhead in maintaining hardening rules and exceptions (38%), fear of operational disruption (35.4%), and resource constraints (34.6%), suggesting organizations understand the need to reduce exposure but struggle to act without impacting operations. Difficulty securing legacy systems (34.5%) and visibility gaps, defined as uncertainty about which legitimate tools are essential for each user (33.8%), deepen the challenge, with 48.8% of U.S. organizations reporting marked gaps in visibility compared to the overall average of 33.8%.

Over three-quarters (76.1%) of respondents say they would likely switch cybersecurity vendors due to concerns about data sovereignty, jurisdiction, or foreign government access to their data. The U.S. led all regions at 87%, followed by the U.K. at 85% and Germany (77%). Managers expressed even greater urgency than practitioners, at 79.4% versus 72.8% respectively. As regulations such as NIS2, DORA, and evolving U.S.-EU data frameworks continue to expand compliance obligations, organizations are increasingly prioritizing vendors that offer transparent data-processing models and clear answers on where their data lives and who can access it.

Organizations rate a broad spectrum of AI-driven scenarios as serious threats, with attackers using AI to generate self-mutating malware topping the list at 55.9%, followed by employees leaking sensitive data into public LLMs (53.5%), AI-driven evasion techniques bypassing traditional endpoint detection and response (EDR) signatures (52.5%), and deepfakes or voice cloning used in fraud or BEC (51.9%). Notably, while self-mutating malware ranks as the top concern, current threat intelligence suggests adversaries are using AI to accelerate and refine attacks rather than create fundamentally new malware. Concern extends beyond these scenarios, with agentic AI expanding the attack surface emerging as a regional flashpoint, particularly in Singapore (64%) and the U.S. (61.6%).

Download the report.

KEYWORDS: Artificial Intelligence (AI) Security employee monitoring employee risk security tools

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Cybersecurity
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Security Leadership and Management
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Trophy and soccer ball

Security Experts Discuss Threats to FIFA World Cup 2026

Soccer stadium

How the Current Iran-US Conflict May Impact World Cup Security

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Neighborhood

Residential AI Data Centers: Security, Privacy, and Governance Concerns

Officers at an event

The 2026 FIFA World Cup Will Test Security Operations Like Never Before

SEC 2026 Benchmark Banner

Events

July 8, 2026

The 2026 Security Maturity Benchmark Report: Insights From Senior Security Leaders

LIVE: July 8, 2026 at 2 pm EDT In this webinar, speakers will share key insights from the report, including why today’s threat environment demands greater maturity and how to evaluate your organization’s current security posture.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • AI chat screen on cellphone

    68% of Organizations Experienced Data Leakage From Employee AI Usage

    See More
  • green and pink pyramid on blue background

    94% of organizations don't have full visibility into service accounts

    See More
  • the cloud

    Pandemic has accelerated cloud transformation for nearly half of organizations

    See More

Related Products

See More Products
  • 9780367221942.jpg

    From Visual Surveillance to Internet of Things: Technology and Applications

  • Security of Information and Communication Networks

  • 9780367259044.jpg

    Understanding Homeland Security: Foundations of Security Policy

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing