The 2026 AI Threat Report released by Zscaler has unveiled a troubling reality for enterprises: as AI adoption skyrockets, so too do the risks associated with it.
With a staggering 91% year-over-year surge in AI activity across global industries, businesses are grappling with a growing oversight gap that could have dire consequences for cybersecurity. This shift necessitates the adoption of AI security platforms built on Zero Trust principles.
Zscaler’s findings indicate that AI usage in key sectors has surged by 200%, yet many organisations still lack a comprehensive inventory of their AI models and embedded features.
Finance and insurance are leading the charge, accounting for 23% of all AI/ML traffic, while sectors such as technology and education have experienced explosive growth at rates of 202% and 184%, respectively.
Despite this rapid adoption, a staggering number of enterprises are unaware of where sensitive data may be exposed, highlighting a critical need for improved AI governance.
“AI is no longer just a productivity tool but a primary vector for autonomous, machine-speed attacks,” warned Deepen Desai, EVP of Cybersecurity at Zscaler.
The report’s analysis has alarming implications: enterprise AI systems can be compromised in as little as 16 minutes, with critical vulnerabilities identified in 100% of tested systems. As AI-driven attacks proliferate, both cybercriminals and nation-state actors are leveraging this emerging technology to automate sophisticated cyber assaults.
Zscaler’s report also reveals that data transfers to AI/ML applications skyrocketed to 18,033 terabytes in 2025, marking a 93% jump from the previous year. This massive data influx transforms AI applications, including Grammarly and ChatGPT, into prime targets for cyber espionage.
Among the troubling findings were 410 million Data Loss Prevention (DLP) policy violations associated with ChatGPT alone, indicating a pressing need for robust AI governance.
In response to these evolving threats, nearly 90% of organisations plan to enhance their investment in identity and AI security in 2026. With traditional security measures proving inadequate in dynamic AI environments, Zscaler advocates for a modern Zero Trust approach. This framework not only provides critical visibility but also protects against lateral movement and AI-driven threats.
As AI continues to embed itself into the enterprise fabric, CISOs and cybersecurity professionals must act swiftly to address these vulnerabilities before their organisations become the next victims of unrelenting cyber threats.
