LayerX Report: AI Security Risks Concentrated Among Power Users and Private Accounts

In brief: AI risks in enterprises are concentrated among the five percent of employees who are power users and in private consumer AI accounts, while enterprise solutions provide significantly better governance.

The State of AI Usage Report by LayerX Security shows that AI security risks in enterprises are highly asymmetrically distributed: the top five percent of users (power users) generate the majority of AI interactions and drive the largest data exposure. Particularly critical: Google Gemini is mostly accessed by employees via private consumer accounts without enterprise control.

The LayerX report documents a differentiated picture of AI usage in enterprises that contradicts the widespread assumption of universal adoption. Nearly half of all employees interacted with AI tools at least once in the past year. However, only 18 percent use these technologies on a weekly basis. The distribution of activity is decisive: while 50 percent of occasional users conducted a maximum of twelve conversations, the top five percent of the workforce generated at least 144 separate conversations. Power users use an average of 18 prompts per conversation; half of all users use only two.

ChatGPT dominates the enterprise landscape with 36 percent of all AI users and is responsible for over 55 percent of all measured conversations. Microsoft Copilot M365 reaches an adoption rate of 29 percent and covers almost a quarter of total conversations. Governance risks differ significantly: Copilot M365 typically runs within the Microsoft infrastructure managed by IT and is subject to strict controls. Google Gemini, by contrast, is mostly accessed by employees via the regular consumer version with private user accounts in unmanaged environments, not through the enterprise variant. This results in a complete lack of control over data storage, model training, and processing of sensitive business information.

Shadow AI has structurally changed: it is no longer merely about unapproved chatbot usage, but rather about fragmented adoption across specialized tools, browser extensions, AI search engines, coding copilots, and automated SaaS features. Almost 30 percent of employees use multiple AI platforms in parallel. For CISOs, this means a diffuse attack surface: the actual security risk does not emerge from broad usage, but from intensive, uncontrolled activity of a small high-user group alongside a fragmented shadow AI landscape.


Source: www.it-daily.net · Published 8 June 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.6.5.