Only 8% of financial institutions noted that they do not see GenAI being used by criminals.

92% of the financial institutions surveyed indicate that fraudsters use generative AI.

Of organizations using AI/ML, 88% are incorporating generative AI at some level.

Only 24% of generative AI projects are secured.

Data security (43%) and lack of trust in GenAI outputs (40%) remain major adoption hurdles for GenAI in supply chains

98% of organisations are incorporating generative AI technologies into their products.

An overwhelming 99% of respondents anticipate reallocating resources from privacy budgets to AI initiatives in the future.

Nearly half of respondents admit to inputting personal employee or non-public data into GenAI tools.

63% of respondents are very familiar with Generative AI (GenAI).

Menlo Security identified nearly 600 incidents of GenAI fraud in 2024.

When asked if they agree with the statement "We aren't sure if any employees are currently accessing GenAI sites today or what they are doing on these sites," 42% of organizations surveyed said they strongly agree, 40% said they agree, 7% said they neither agree nor disagree, 5% said they disagree, 5% said they strongly disagree.

CISOs with good board relationships are more likely to be given the ability to pursue use cases for generative AI, such as creating threat detection rules (43% versus 31% of other CISOs), analyzing data sources (45% versus 28% of other CISOs), incident response and forensic investigations (42% versus 29% of other CISOs), and proactive threat hunting (46% versus 28% of other CISOs).

63.8% of ChatGPT users used the free tier, with 53.5% of sensitive prompts entered into it.

When asked if they agree with the statement "We are concerned about data leakage as employees increasingly use GenAI tools," 43% of organizations surveyed they strongly agree, 39% said they agree, 10% said they neither agree nor disagree, 5% said they disagree, and 3% said they strongly disagree.

47% of organisations cite adversarial advances powered by generative AI (GenAI) as their primary concern.

8.5% GenAI prompts contain sensitive information.

26.83% of sensitive data input into GenAI tools was employee data, including payroll data, PII, and employment records.

When asked if they agree with the statement "We aren't sure if any employees are currently accessing GenAI sites today or what they are doing on these sites," 42% of organizations surveyed said they strongly agree, 40% said they agree, 7% said they neither agree nor disagree, 5% said they disagree, 5% said they strongly disagree.

45.77% of sensitive data input into GenAI tools was customer data, such as billing information, customer reports, and customer authentication data.

5.64% of sensitive data input into GenAI tools was sensitive code, like Access Keys and proprietary source code.