An analysis of nearly one trillion AI/ML transactions across the Zscaler Zero Trust Exchange platform between January and December 2025 reveals that artificial intelligence is no longer just a productivity tool but also a significant vector for cyberthreats. According to Zscaler’s research, organizations are insufficiently prepared for the risks associated with the increasing integration of AI into business processes.
“AI is no longer just a productivity tool but a primary vector for autonomous, machine-speed attacks by both crimeware and nation-state,” said Deepen Desai, EVP Cybersecurity at Zscaler. “In the age of Agentic AI, an intrusion can move from discovery to lateral movement to data theft in minutes, rendering traditional defenses obsolete. To win this race, organizations must fight AI with AI by deploying an intelligent Zero Trust architecture that shuts down the potential paths for the attackers of all kinds.”
AI usage now spans every business function, yet in many sectors, adoption is scaling faster than the C-suite can manage. Finance & Insurance remains the most AI-driven sector by volume, accounting for 23% of all AI/ML traffic, while the Technology and Education sectors recorded explosive year-over-year growth in transactions — 202% and 184%, respectively. Despite this, Zscaler research reveals a critical gap: many organizations still lack a basic inventory of active AI models and embedded features, leaving them unaware of exactly where sensitive data is exposed.
AI in the Enterprise: Emerging Trends and Security Issues from the 2026 Report
AI Adoption is Outpacing Oversight
AI usage now spans every business function, yet in many sectors, adoption is scaling faster than the C-suite can manage. Finance & Insurance remains the most AI-driven sector by volume, accounting for 23% of all AI/ML traffic, while the Technology and Education sectors recorded explosive year-over-year growth in transactions — 202% and 184%, respectively. Despite this, Zscaler research reveals a critical gap: many organizations still lack a basic inventory of active AI models and embedded features, leaving them unaware of exactly where sensitive data is exposed.
As Agentic AI Looms, 100% of Enterprise AI Systems Found Vulnerable to Breach at Machine Speed
While AI security discussions often focus on hypothetical future threats, Zscaler’s red team testing revealed a more immediate reality: when enterprise AI systems are tested under real adversarial conditions, they break almost immediately. In controlled scans, critical vulnerabilities surfaced in minutes, not hours. The median time to first critical failure was just 16 minutes, with 90% of systems compromised in under 90 minutes. In the most extreme case, the defense was bypassed in a single second.
As more evidence of AI‑driven attacks by cybercriminals and nation‑state espionage groups is uncovered, ThreatLabz warns autonomous and semi‑autonomous “agentic” AI will increasingly automate cyberattacks, with AI agents assuming responsibility for reconnaissance, exploitation, and lateral movement. Defenders must assume that attacks can scale and adapt at machine speed, not human speed.
AI Usage Surges 4x, Fueling New Enterprise Supply Chain Vulnerabilities=
ThreatLabz found AI/ML activity increased 91% year-over-year across an ecosystem of more than 3,400 applications. This rapid adoption has left many organizations with no clear map of the AI models interacting with their data or the supply chains behind them. ThreatLabz warns that this AI supply chain is now a primary target, as weaknesses in common model files allow attackers to move laterally into core business systems.
Unmanaged Embedded AI Creates Critical Data Exposure Risks
An enormous volume of activity is happening on “standalone AI” such as ChatGPT, which logged 115 billion transactions in 2025 and Codeium, which logged 42 billion transactions. “Embedded AI,” AI capabilities built directly into everyday enterprise SaaS applications and platforms, have become one of the fastest growing sources of unmanaged risk. Because these features are often active by default and escape detection by legacy security filters, they create a back door for sensitive corporate data to flow into AI models without oversight. Among all platforms analyzed, Atlassian was a leading source of embedded AI activity, reflecting widespread use of AI-powered features within its core platforms, such as Jira and Confluence.
18,000 TB of Data Poured into AI: A New Target for Machine-Speed Attacks
In 2025, enterprise data transfers to AI/ML applications surged to 18,033 terabytes (TB)—a 93% year-over-year increase and roughly equivalent to 3.6 billion digital photos. The massive influx has transformed tools like Grammarly (3,615 TB) and ChatGPT (2,021 TB) into the world’s most concentrated repositories of corporate intelligence.
The scale of this risk is quantified by 410 million Data Loss Prevention (DLP) policy violations tied to ChatGPT alone, including attempts to share Social Security numbers, source code, and medical records. These findings signal that AI governance has transitioned from a policy discussion to an immediate operational necessity. ThreatLabz warns that as these repositories grow, they are becoming high-priority targets for cyber espionage.
Modernize AI security with Zero Trust
Legacy firewalls and VPNs fail in dynamic AI environments, creating visibility gaps and security blind spots. Zscaler replaces this complexity with AI-native security, providing the real-time visibility and guardrails needed to innovate safely.
The Zscaler Zero Trust Exchange helps organizations stay ahead of AI-powered threats by:
- Eliminating Attack Surfaces: Enforce continuous verification and least-privileged access.
- Blocking AI Threats: Inspect all traffic, including encrypted data, to stop threats in real time.
- Protecting Data Everywhere: Automatically discover and classify sensitive data across all environments.
- Neutralizing Lateral Movement: Use AI-powered segmentation to contain attackers.
- Optimizing Responses: Leverage predictive AI to accelerate security operations and posture management.
