AI in the Enterprise: Key Findings from the ThreatLabz 2025 AI Security Report

Artificial intelligence (AI) has rapidly shifted from buzz to business necessity over the past year—something Zscaler has seen firsthand while pioneering AI-powered solutions and tracking enterprise AI/ML activity in the world’s largest security cloud.

As enterprises embrace AI to boost productivity, accelerate decision-making, and automate workflows, to name a few benefits, cybercriminals are using the same technology to automate and scale more sophisticated attacks. From hyper-realistic deepfakes to advanced vishing scams, AI-generated threats have quickly raised the stakes for enterprise security.

With AI fundamentally changing both how businesses operate and how cybercriminals attack, organizations must maintain a current and comprehensive understanding of the enterprise AI landscape. The just released ThreatLabz 2025 AI Security Report examines the intersection of enterprise AI usage and security, drawing insights from 536.5 billion AI/ML transactions in the Zscaler Zero Trust Exchange. The report reveals how enterprises worldwide and across industries are using and managing AI/ML tools, highlighting both their benefits and the security concerns that come with them. It examines the rising risks associated with AI, from cybercriminals weaponizing AI for more sophisticated attacks to the security implications of recent AI advancements like the open source model DeepSeek, while providing best practices for mitigating these risks.

This blog post summarizes several highlights from the report. For the full analysis and security guidance, download the ThreatLabz 2025 AI Security Report now.
 

5 key findings: AI usage and threat trends

The ThreatLabz research team analyzed activity from over 800 known AI/ML applications between February–December 2024. The following finding reveal notable trends—and concerns—surrounding AI usage:

1. AI/ML usage surged exponentially: AI/ML transactions in the Zscaler cloud increased 36x (+3,464.6%) year-over-year, highlighting the explosive growth of enterprise AI adoption. The surge was fueled by ChatGPT, Microsoft Copilot, Grammarly, and other generative AI tools, which accounted for the majority of AI-related traffic from known applications. 
   
   
   Figure 1: Top AI applications by transaction volume
    
2. Enterprises blocked a large proportion of AI transactions: 59.9% of AI/ML transactions were blocked, signaling concerns over data security and the uncontrolled use of AI applications. As organizations work to establish AI governance frameworks, many are taking a cautious approach, restricting access to certain AI applications as they refine policies around data protection.
3. U.S. and India drive the most AI/ML traffic: The United States and India recorded the highest volume of AI/ML transactions in the Zscaler cloud, reflecting strong enterprise adoption and a growing focus on AI-driven innovation. Other top contributors include the United Kingdom, Germany, and Japan, each exhibiting different levels of AI/ML activity, reflecting distinct approaches to balancing AI usage with security, compliance, and regional regulatory considerations.
4. Finance & Insurance and Manufacturing dominate AI adoption: The Finance & Insurance (28.4%) and Manufacturing (21.6%) sectors generated the most AI/ML traffic. Following them, Technology, Healthcare, and Government are integrating AI at varying rates as they navigate the fine line between adoption and apprehension.
   
   
   Figure 2: Industries driving the largest proportions of AI transactions
    
5. AI-driven cyber risks are escalating: Threat actors are leveraging AI to enhance phishing campaigns, automated attacks, and create realistic deepfake content. ThreatLabz researchers demonstrated how DeepSeek can be manipulated to quickly generate phishing pages that mimic trusted brands. Additionally, ThreatLabz uncovered a malware campaign in which attackers created a fake AI platform to exploit interest in AI and trick victims into downloading malicious software.
    
    

Evolving AI risks in the enterprise

As our findings indicate, enterprises face a growing twofold challenge: (1) securing the inevitable and rapid adoption of AI/ML within their environments and (2) defending against increasingly sophisticated AI-enabled cyberthreats. Staying informed of the latest AI-driven security risks and their far-reaching business consequences is essential.  

In the 2025 AI Security Report, ThreatLabz delves into evolving risks of AI, including:

• Shadow AI and data leakage: Key questions enterprises should consider to control unauthorized use of AI tools that may expose sensitive data.
• AI-generated phishing campaigns: A ThreatLabz case study demonstrates how DeepSeek can create a phishing page in just five prompts.
• AI-driven social engineering: An overview of the rising use of AI in social engineering, from deepfake videos to voice impersonation used to defraud enterprises.
• Malware campaigns exploiting interest in AI: ThreatLabz investigation into a malware campaign reveals how attackers lure victims with a fake AI platform to deliver the Rhadamanthys infostealer. 
• The dangers of open source AI: How unrestricted models like DeepSeek introduce security risks, from accidental data exposure to data exfiltration.   
• The rise of agentic AI: The challenges and risks associated with autonomous AI systems capable of executing tasks with minimal human oversight

As AI adoption continues to gain traction and becomes essential, enterprises must proactively shore up their security postures to safeguard AI/ML tools, enforce governance policies, and defend against AI-related threats.
 

Securing AI—and staving off AI threats—with AI  

The ThreatLabz 2025 AI Security Report provides detailed guidance for enterprises looking to securely adopt AI while minimizing risks and blocking AI-powered cyberthreats.

At a high level, as organizations integrate more AI into their workflows, they must also rethink security strategies to account for new vulnerabilities, expanded attack surfaces, and AI-assisted attacks. Traditional security models rooted in firewalls and VPNs cannot keep up with the speed and sophistication of AI-powered threats. Enterprises must adopt zero trust as their foundation, eliminating implicit trust, enforcing least-privilege access, and continuously verifying all AI interactions.

Zscaler’s zero trust architecture delivers zero trust everywhere—securing user, workload, and IoT/OT communications—infused with comprehensive AI capabilities. Its AI models detect and disrupt advanced threats, blocking millions of attacks daily to enhance enterprise security outcomes and mitigate emerging risks.

The report details how to stop AI-powered threats with Zscaler, including these core security measures:

• Zero trust architecture: Reduce the attack surface by hiding applications and IP addresses from attackers and enforcing least-privilege access.
• Real-time AI insights: Employ predictive and generative AI for actionable insights that enhance security operations and digital performance.
• AI visibility: Get in-depth visibility into AI application trends and interactions through interactive dashboards.
• AI-powered cyberthreat protection: Detect and block AI-generated phishing campaigns, adversarial exploits, and AI-driven malware in real time.
• AI-powered data classification and DLP: Use AI-driven classification to detect and protect sensitive data across Zscaler’s Data Fabric.
• AI-powered app segmentation: Stop lateral movement within networks, ensuring attackers cannot easily escalate privileges or access critical systems.
• AI-powered breach prediction: Preempt potential breach scenarios using generative AI and multi-dimensional predictive models.

Beyond defending against AI-driven threats, enterprises must also ensure AI adoption is secure and controlled. Zscaler provides full visibility into GenAI usage, including app prompts and responses; isolates sensitive data; and enforces granular controls to prevent unauthorized access. With real-time monitoring, AI guardrails, and adaptive security controls, organizations can safely integrate AI tools without exposing critical data or increasing risk.
 

Get the report

As AI further transforms enterprise security, organizations must stay ahead of both AI adoption trends and the evolving threats that come with it. The ThreatLabz 2025 AI Security Report offers additional data-driven insights and analysis of AI’s impact on cybersecurity, with expert guidance to help enterprises securely embrace AI and mitigate its risks.

Download the full report for deeper knowledge on:

• Enterprise AI/ML adoption trends, including the top applications and categories   
• Recent AI developments such as updates on the regulatory landscape 
• AI predictions for 2025–2026 that enterprises should consider
• Best practices and strategies to securely adopt AI with zero trust