Thales Reveals 70% of Organizations Rank AI as Top Data Security Threat
Why is AI becoming the biggest data security risk for enterprises? Thales, a global leader in advanced technologies for defense, aerospace, and cybersecurity, has released its 2026 Data Threat Report, which highlights a critical shift in the security landscape. The report, conducted by S&P Global 451 Research, reveals that 70% of organizations now consider AI their top data security risk. This is not just a technological issue but a fundamental challenge that affects industries ranging from automotive and energy to finance and retail.
According to the report, the rapid integration of AI into enterprise workflows, analytics, and customer service is creating new vulnerabilities. Sebastien Cano, Senior Vice President, Cybersecurity Products at Thales, emphasizes the urgency: “Insider risk is no longer just about people. It is also about automated systems that have been trusted too quickly. When identity governance, access policies, or encryption are weak, AI can amplify those weaknesses across corporate environments far faster than any human ever could.”
Key Insights at a Glance
- AI as Top Risk: 70% of organizations rank AI as their top data security risk.
- Credential Theft: 67% of organizations cite credential theft as the leading attack technique against cloud infrastructure.
- Deepfake Attacks: Nearly 60% of companies report experiencing deepfake-driven attacks.
- Security Investment: 30% of companies now dedicate specific budgets to AI security.
Why Governance Gaps Threaten AI Adoption in Enterprises
The Thales 2026 Data Threat Report underscores a significant gap between AI adoption and data governance. Only 34% of organizations know where all their data resides, and just 39% can fully classify it. Meanwhile, 47% of sensitive cloud data remains unencrypted. This lack of visibility and control is particularly concerning as AI systems gain broader access to enterprise data, often with fewer controls than human users.
The report highlights that as AI systems ingest and act on data across cloud and SaaS environments, the challenge of enforcing least-privilege access becomes more complex. This increases the risk of exposure if credentials are compromised. The urgency is clear: organizations must address these governance gaps to secure their data and prevent AI from becoming an insider threat.
The Regulatory Clock Is Already Running for Enterprises
Just as a clock ticks down to a deadline, enterprises must act swiftly to address the growing AI security risks. The report reveals that 67% of organizations cite credential theft as the leading attack technique against cloud management infrastructure. Additionally, 50% rank secrets management among their top application security challenges, reflecting the growing complexity of governing machine identities, API keys, and tokens at scale.
Thales emphasizes that while organizations recognize the need to adapt, investment is not keeping pace with the rapid expansion of AI-driven access and automation. 30% now dedicate specific budgets to AI security, but 53% still rely on traditional security programs. As machines increasingly authenticate, access, and act autonomously, many security strategies have yet to adjust to this shift in operating models.
Thales Embeds Strong Governance into AI Strategies
Thales is taking proactive steps to address these challenges. The company is embedding strong governance into its AI strategies to ensure secure and responsible AI adoption. Sebastien Cano explains, “When identity governance, access policies, or encryption are weak, AI can amplify those weaknesses across corporate environments far faster than any human ever could.”
Thales is investing in advanced encryption and identity governance solutions to help organizations manage the unique risks associated with AI. By treating data visibility and protection as core security elements, Thales aims to help enterprises navigate the complex landscape of AI-driven transformation securely. This approach is essential as AI continues to play a more significant role in enterprise operations.
Future Outlook
The future of AI in enterprise security is evolving rapidly. As AI systems become more integrated into workflows, the need for robust governance and encryption will only grow. Eric Hanselman, Chief Analyst at S&P Global 451 Research, underscores this point: “As AI becomes deeply embedded into enterprise operations, continuous data visibility and protection are no longer optional.” The organizations that embed strong governance into their AI strategies will be better positioned to innovate securely and avoid turning AI into their newest insider threat.
Conclusion
The Thales 2026 Data Threat Report highlights a critical shift in the data security landscape, where AI is emerging as the top risk. For enterprises, this means rethinking their approach to identity governance, encryption, and data visibility. How is your organization preparing for this shift? Join the conversation in the comments below.
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.
The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.
Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.
Source link: https://www.businesswire.com/
