Scroll Top

The 2025 State of

Data+AI Security.

By Symmetry Systems

A Message From Our CEO

Data + AI security are increasingly critical in today's digital landscape for modern businesses, powering innovation at a scale never imagined before. But it requires a deep understanding of the effectiveness of safeguards controlling the data. This starts with data, and the human + machine identities that use it.

Symmetry Systems is at the forefront of data+AI security, and I'm proud to share Symmetry's State of Data+AI Security report, providing a vital perspective on the current landscape. Providing data-powered insights from over 50 organizational deployments of our platform, this report illuminates emerging risks and mitigation strategies.

This report highlights the scale of the problem we are addressing, the beauty and symmetry of excellent data security, and highlights the failures in security best practices that put data at risk. We hope you learn from the unprecedented data transparency.

Mohit Tiwari

Data stores containing some form of sensitive data.

Organizations with at least 1 human account without MFA enabled & console access to their environment.

Cloud Accounts / Projects are unknown i.e. outside the organization’s’ control boundary & unknown to the organization.

Data stores are considered dormant - no operations performed within last 90 days.

Dormant Identities with access to data - no operations performed within last 90 days.

Cloud Accounts / Projects with access to data are known and external to the organization.

Avg. growth in number of dormant data stores in the last 12 months.

Organizations collecting & retaining personal information - with at least three types of personal information identifiers.

Organizations had at least one form of secret stored outside of a secrets manager within their environment.

Data stores containing some form of sensitive data.​

Industry & Env. Play Big Role in Sensitive Data Distribution

On average, 9.3% of data stores contain some form of sensitive data, highlighting the need for robust data protection measures. However, this percentage can significantly increase for organizations operating as data brokers, where over 23% of their data stores may house sensitive information. 

In contrast, data stores within corporate collaboration platforms like OneDrive, SharePoint, and Google Drive incorporate far less sensitive data per data store or bucket, with less than 3% of their data stores containing such information.

Pleasingly, the distribution of sensitive data drops to less than 1% in development environments for most organizations, indicating a better adherence to data segregation practices as a result of deploying DSPM.

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.