Threat Labs Report: Australia 2025

GenAI adoption is accelerating across Australia, with 87% of organizations now using genAI applications, up from 75% just a year ago. In Australia, 95% of organizations use tools that include genAI-powered features, and 97% rely on genAI applications that use user data for training. Overall, 87% of organizations have adopted genAI apps directly, aligning local usage with global trends, where 90% have adopted cloud-based genAI solutions.

At the same time, the use of personal genAI accounts has shifted over the past year, starting at 64% in June last year, peaking at around 80% by the end of the year, and then dropping to 55% as of June 2025. This decline aligns with a growing move toward company-approved genAI solutions that offer better control and stronger safeguards for sensitive data. As this transition continues, Australian organizations should prioritize secure, enterprise-grade platforms that enable innovation while supporting compliance and reducing risk.

In Australia, the top 10 most widely used genAI applications closely mirror global usage patterns. Leading the pack is ChatGPT, which is currently used by 73% of organizations, making it the most popular genAI app in the region. Google Gemini has also seen strong adoption, with 52% of organizations integrating it into their workflows, positioning it as a prominent alternative to ChatGPT. Microsoft 365 Copilot follows, used by 44% of organizations, reflecting growing interest in genAI tools embedded within productivity platforms. The rest of the top 10 includes a diverse mix of domain-specific applications and embedded AI tools tailored to particular business needs and industry use cases.

The chart below illustrates how the popularity of these top 10 genAI applications has evolved over the past year, highlighting the rapid pace of change in the genAI landscape. ChatGPT remains the most widely used app among Australian organizations, though its usage has seen a slight decline over the past few months. This is the first decline we have ever observed in ChatGPT’s popularity, aligning with global trends. Meanwhile, Google Gemini has shown steady, gradual growth throughout the year, reflecting increasing interest and adoption. Notably, Microsoft 365 Copilot has experienced a sharp rise in usage in recent months, driven by its integration into widely used productivity tools and enterprise platforms. Grok has also entered the top 10 for the first time ever, and at 15% it is slightly more popular in Australia than the global average.

As genAI adoption accelerates across Australian enterprises, the risks tied to data exposure are becoming a central concern. Organizations across the country are increasingly leveraging genAI tools for tasks like summarizing large documents, generating content, and streamlining software development workflows. However, the very nature of these use cases, summarization and generation, requires users to send potentially sensitive data to genAI applications, creating a growing surface for data security threats.

Data security remains a growing concern for organizations in Australia as genAI adoption becomes more widespread. The risks associated with data loss prevention (DLP) are increasingly relevant, particularly as genAI apps become embedded in everyday workflows and shadow IT continues to emerge as a challenge.

Analysis of recent data policy violations reveals that the most common type of sensitive information exposed to genAI apps in Australia is intellectual property, making up 42% of all violations. Source code follows closely, accounting for 31% of violations, often leaked as developers use genAI to summarize, write, or review code. While sensitive information, such as passwords, API keys, and regulated data, is also being exposed through genAI apps, the frequency of these exposures in Australia is broadly consistent with global patterns.

The scale of these risks is amplified by the sheer number of genAI tools available in the market and their rapid, often unmonitored adoption across business units. Without centralized oversight, many organizations are unknowingly allowing sensitive data to flow into unapproved platforms, making it harder to enforce security controls or comply with internal governance standards.

To move forward safely, Australian businesses must strike a careful balance: harnessing the productivity and innovation that genAI enables, while also putting in place strong data governance and access controls. Encouragingly, the adoption of DLP solutions in Australia is on the rise, increasing from 32% to 41%, reflecting growing awareness of the need to protect sensitive information in the age of genAI.

Australian organizations are taking a strategic approach to managing genAI tools, with many implementing blocks based on security, privacy, or compliance concerns. While specific policies vary across industries, certain applications consistently appear on block lists, signaling areas of heightened scrutiny. If any of the apps in the top 10 list below are active in your environment, it may be worth reviewing the usage and evaluating whether category-wide restrictions are more appropriate than managing tools individually.

In Australia, DeepSeek tops the list of most blocked genAI apps, with 69% of organizations restricting access, often due to concerns over data handling and model transparency. Reverso Translation follows at 34%, reflecting growing caution around the use of AI-driven language tools. Stable Diffusion, known for its content generation capabilities, is blocked by 32% of organizations, typically due to concerns around image generation and content licensing.

Following the same trend seen globally, Grok AI is present with a 30% block rate, suggesting that emerging tools are also being actively assessed for risk. These trends indicate that Australian businesses are not only responding to specific threats but also taking broader steps to align their genAI usage with internal risk frameworks and data protection standards.