AI is the New Insider Threat
Thales 2026 Data Threat Report Finds 70% of Organizations Rank AI as Top Data Security Risk
Data security has taken center stage as the success of enterprise AI initiatives increasingly hinges on consistent, controlled access to proprietary organizational data sources. The 2026 Thales Data Threat Report examines the complex calculus that organizations must undertake to enable innovation while securing their most valuable asset — their data.
This research was based on a global survey of 3,120 respondents fielded via web survey with targeted populations for each country, aimed at professionals in security and IT management.
Conducted by
“Insider risk is no longer just about people. It is also about automated systems that have been trusted too quickly. When identity governance, access policies, or encryption are weak, AI can amplify those weaknesses across environments far faster than any human ever could.”
Key Findings
Security priorities are changing with AI
70% The speed of AI change within AI ecosystems is top of mind when it comes to AI security with 70% citing rate of change as the top AI risk.
61% report their AI applications are being targeted by attackers, with sensitive data being the leading target.
48% AI-fueled attacks emerge as a prominent threat - 59% have seen deepfake attacks and 48% have experienced reputational damage, as a result of AI-generated misinformation.
Data protection is critical in the AI age
52% regard identity and access management as the most pressing security discipline, as attackers exploit credentials.
Only about half of sensitive data in the cloud is encrypted. 47%
Rising geopolitical risk is reshaping data sovereignty
54% are pursuing reworking and refactoring of application and data architectures as their main focus in achieving sovereignty objectives.
36% believe cryptographic protections such as encryption and key management are sufficient to achieve data sovereignty.
Complexity limits clear insight into data security posture
28% cite Human error as the leading cause of breach, but 63% rank nation state attackers as one of top three greatest concerns.
Audit failures are linked to higher breach risk –
Only 6% of organizations that failed an audit reported no past breaches, compared with 30% of those that passed.
Future risks are here today
Quantum concerns shift to the reality of harvest now, decrypt later (HNDL), 61% cited as the top concern.
Organizations are moving to mitigate quantum risk –
59% are prototyping and evaluating Post-Quantum Cryptographic (PQC) algorithms.
Cloud is a significant attack target
35% cloud storage, 34% cloud applications and 32% cloud management infrastructure as the top three attack targets.
Credential theft is the leading attack technique against cloud infrastructure – 67% are seeing credential theft and misappropriated secrets increasing.
